MidnightBSD

Advisories for mangoraft

CVE-2019-10802 HIGH

giting version prior to 0.0.8 allows execution of arbritary commands. The first argument "repo" of function "pull()" is executed by the package without any validation.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,

Products Affected

Vendor Product Version
mangoraft giting *