High severity7.5NVD Advisory· Published Feb 14, 2018· Updated Jun 17, 2026
CVE-2018-7032
CVE-2018-7032
Description
webcheckout in myrepos through 1.20171231 does not sanitize URLs that are passed to git clone, allowing a malicious website operator or a MitM attacker to take advantage of it for arbitrary code execution, as demonstrated by an "ext::sh -c" attack or an option injection attack.
Affected products
2Patches
Vulnerability mechanics
References
1- bugs.debian.org/840014nvdExploitPatchThird Party Advisory
News mentions
0No linked articles in our index yet.