VYPR
High severityNVD Advisory· Published Jun 8, 2021· Updated Aug 3, 2024

Remote Command Execution in reg-keygen-git-hash-plugin

CVE-2021-32673

Description

reg-keygen-git-hash-plugin is a reg-suit plugin to detect the snapshot key to be compare with using Git commit hash. reg-keygen-git-hash-plugin through and including 0.10.15 allow remote attackers to execute of arbitrary commands. Upgrade to version 0.10.16 or later to resolve this issue.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
reg-keygen-git-hash-pluginnpm
< 0.10.160.10.16

Affected products

2

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.