Critical severityNVD Advisory· Published Mar 22, 2021· Updated Aug 3, 2024
CVE-2021-28955
CVE-2021-28955
Description
git-bug before 0.7.2 has an Uncontrolled Search Path Element. It will execute git.bat from the current directory in certain PATH situations (most often seen on Windows).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/MichaelMure/git-bugGo | < 0.7.2 | 0.7.2 |
Affected products
2- git-bug/git-bugdescription
Patches
Vulnerability mechanics
References
6- github.com/advisories/GHSA-m898-h4pm-pqfrghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2021-28955ghsaADVISORY
- github.com/MichaelMure/git-bug/pull/604ghsaWEB
- github.com/MichaelMure/git-bug/security/advisories/GHSA-m898-h4pm-pqfrmitrex_refsource_MISC
- github.com/git-bug/git-bug/security/advisories/GHSA-m898-h4pm-pqfrghsaWEB
- vuln.ryotak.me/advisories/18ghsax_refsource_MISCWEB
News mentions
0No linked articles in our index yet.