Filtered by vendor Vcs Project Subscriptions
Filtered by product Vcs Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-21235 2 Redhat, Vcs Project 3 Openshift, Openstack, Vcs 2024-11-21 8.1 High
The package github.com/masterminds/vcs before 1.13.3 are vulnerable to Command Injection via argument injection. When hg is executed, argument strings are passed to hg in a way that additional flags can be set. The additional flags can be used to perform a command injection.