git-big-picture before 1.0.0 mishandles ' characters in a branch name, leading to code execution.
References
Link | Resource |
---|---|
https://github.com/git-big-picture/git-big-picture/pull/27 | Patch Third Party Advisory |
https://github.com/git-big-picture/git-big-picture/pull/62 | Patch Third Party Advisory |
https://github.com/git-big-picture/git-big-picture/releases/tag/v1.0.0 | Release Notes Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-01-13T16:14:20
Updated: 2021-01-13T16:16:54
Reserved: 2021-01-06T00:00:00
Link: CVE-2021-3028
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-01-13T17:15:12.913
Modified: 2021-01-19T14:43:59.187
Link: CVE-2021-3028
JSON object: View
Redhat Information
No data.
CWE