The package simple-git before 3.15.0 are vulnerable to Remote Code Execution (RCE) when enabling the ext transport protocol, which makes it exploitable via clone() method. This vulnerability exists due to an incomplete fix of [CVE-2022-24066](https://security.snyk.io/vuln/SNYK-JS-SIMPLEGIT-2434306).
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: snyk
Published: 2022-12-12T01:49:10.008967Z
Updated: 2024-09-16T21:02:21.864Z
Reserved: 2022-02-24T00:00:00
Link: CVE-2022-25912
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-12-06T05:15:11.570
Modified: 2024-11-21T06:53:12.270
Link: CVE-2022-25912
Redhat
No data.