CVE-2022-25860
Description
Versions of the package simple-git before 3.16.0 are vulnerable to Remote Code Execution (RCE) via the clone(), pull(), push() and listRemote() methods, due to improper input sanitization. This vulnerability exists due to an incomplete fix of CVE-2022-25912.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
simple-git before 3.16.0 is vulnerable to RCE via clone(), pull(), push(), and listRemote() due to improper input sanitization, bypassing an earlier fix.
Vulnerability
The vulnerability in simple-git versions prior to 3.16.0 stems from improper input sanitization in the clone(), pull(), push(), and listRemote() methods. This allows attackers to inject arbitrary Git options such as --upload-pack, --receive-pack, or -u, which can be used to execute arbitrary commands [1]. The flaw is an incomplete fix of CVE-2022-25912, as the previous patch did not cover all attack vectors [1][4].
Exploitation
An attacker can exploit this by passing malicious arguments to these methods. For example, providing -u touch /tmp/pwn to clone() or --upload-pack=touch /tmp/pwn0 to pull() leads to command execution during the Git operation [4]. No authentication is required if the application passes user-controlled input directly to these methods. The attack surface includes any application that uses simple-git with untrusted input for repository URLs, branch names, or other parameters.
Impact
Successful exploitation allows remote code execution with the privileges of the Node.js process. An attacker could compromise the server, access sensitive data, or install malware. The vulnerability has a CVSS score of 9.8 (Critical) under CVSS 3.1, indicating high severity [1].
Mitigation
The issue is fixed in simple-git version 3.16.0. The patch introduces an allowUnsafePack option that must be explicitly set to true to permit potentially dangerous pack-related arguments [2][3]. Users are advised to upgrade to version 3.16.0 or later. If upgrading is not possible, ensure that no user input is passed to the affected methods without sanitization.
AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
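The mitigation above says that, short of upgrading, no user input should reach the affected methods unsanitized. The following is an added example of such a pre-filter (it is not simple-git code and does not use the library): it rejects option-shaped values outright, calls out the option families the advisory names, and applies narrow allowlists for the two value types the advisory describes as user-controlled, remote URLs and branch names. The regexes and the https/ssh-only remote policy are this example's own assumptions.

```javascript
// Option families from the advisory that make git launch an attacker-chosen
// program as the pack transport (regex is this example's own, not simple-git's).
const UNSAFE_PACK_OPTION = /^\s*(--upload-pack|--receive-pack|--exec|-u)(=|\s|$)/;

// Classify one argument; only 'value' may reach git.
function classifyGitArg(arg) {
  if (typeof arg !== 'string') return 'invalid';
  if (UNSAFE_PACK_OPTION.test(arg)) return 'unsafe-pack';
  if (/^\s*-/.test(arg)) return 'option'; // any other option-looking string
  return 'value';
}

// Reject the whole list before it reaches clone()/pull()/push()/listRemote().
function assertSafeGitArgs(args) {
  for (const arg of args) {
    const kind = classifyGitArg(arg);
    if (kind !== 'value') {
      throw new Error(`refusing git argument ${JSON.stringify(arg)} (${kind})`);
    }
  }
  return args;
}

// Allowlist for remotes: only https:// and ssh:// URLs with a host
// (a deliberately narrow policy chosen for this example).
function isSafeRemoteUrl(input) {
  let url;
  try { url = new URL(input); } catch { return false; }
  return (url.protocol === 'https:' || url.protocol === 'ssh:') && url.hostname !== '';
}

// Allowlist for ref names: a subset of git check-ref-format rules
// (no leading '-', no '..', no whitespace or control characters).
function isSafeRefName(name) {
  return /^[A-Za-z0-9][A-Za-z0-9._\/-]{0,254}$/.test(name) && !name.includes('..');
}

// Validate the user-controlled values, then keep the flag itself under app
// control; the result is what the app would hand to clone(remote, dir, options).
function buildCloneArgs(remote, branch) {
  if (!isSafeRemoteUrl(remote)) throw new Error('remote URL rejected');
  if (!isSafeRefName(branch)) throw new Error('branch name rejected');
  assertSafeGitArgs([remote, branch]); // belt and braces: never an option-shaped value
  return { remote, options: ['--branch', branch] };
}
```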
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| simple-git (npm) | < 3.16.0 | 3.16.0 |
Affected products
- simple-git/simple-git
Patches
ec97a39ab60b Block unsafe pack (push --exec) (#882)
4 files changed · +36 −1
.changeset/fair-cobras-arrive.md+5 −0 added@@ -0,0 +1,5 @@ +--- +'simple-git': patch +--- + +Include restricting the use of git push --exec with other allowUnsafePack exclusions, thanks to @stsewd for the suggestion.
docs/PLUGIN-UNSAFE-ACTIONS.md+21 −0 modified@@ -6,6 +6,27 @@ that any parameter sourced from user input is validated before being passed to t In some cases where there is an elevated potential for harm `simple-git` will throw an exception unless you have explicitly opted in to the potentially unsafe action. +### Enabling custom upload and receive packs + +Instead of using the default `git-receive-pack` and `git-upload-pack` binaries to parse incoming and outgoing +data, `git` can be configured to use _any_ arbitrary binary or evaluable script. + +To avoid accidentally triggering the evaluation of a malicious script when merging user provided parameters +into command executed by `simple-git`, custom pack options (usually with the `--receive-pack` and `--upload-pack`) +are blocked without explicitly opting into their use + +```typescript +import { simpleGit } from 'simple-git'; + +// throws +await simpleGit() + .raw('push', '--receive-pack=git-receive-pack-custom'); + +// allows calling clone with a helper transport +await simpleGit({ unsafe: { allowUnsafePack: true } }) + .raw('push', '--receive-pack=git-receive-pack-custom'); +``` + ### Overriding allowed protocols A standard installation of `git` permits `file`, `http` and `ssh` protocols for a remote. A range of
simple-git/src/lib/plugins/block-unsafe-operations-plugin.ts+8 −0 modified@@ -39,6 +39,14 @@ function preventUploadPack(arg: string, method: string) { `Use of clone with option -u is not permitted without enabling allowUnsafePack` ); } + + if (method === 'push' && /^\s*--exec\b/.test(arg)) { + throw new GitPluginError( + undefined, + 'unsafe', + `Use of push with option --exec is not permitted without enabling allowUnsafePack` + ); + } } export function blockUnsafeOperationsPlugin({
simple-git/test/unit/plugin.unsafe.spec.ts+2 −1 modified@@ -8,9 +8,10 @@ import { describe('blockUnsafeOperationsPlugin', () => { it.each([ + ['clone', '-u touch /tmp/pwn'], ['cmd', '--upload-pack=touch /tmp/pwn0'], ['cmd', '--receive-pack=touch /tmp/pwn1'], - ['clone', '-u touch /tmp/pwn'], + ['push', '--exec=touch /tmp/pwn2'], ])('allows %s %s only when using override', async (cmd, option) => { assertGitError( await promiseError(newSimpleGit({ unsafe: {} }).raw(cmd, option)),
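Review bot: in the docs/PLUGIN-UNSAFE-ACTIONS.md hunk, the comment `// allows calling clone with a helper transport` does not match the code beneath it, which calls `.raw('push', '--receive-pack=git-receive-pack-custom')`; reword it to describe the push call or show an actual clone example. The sentence ending `are blocked without explicitly opting into their use` is missing its full stop, and `into command executed by` should read `into the command executed by`. Since this change adds `push --exec` and the plugin already gates `clone -u`, list those forms next to `--receive-pack` and `--upload-pack` so readers see the full set that `allowUnsafePack` controls.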
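Review bot: in the block-unsafe-operations-plugin.ts hunk, the new `push` branch anchors on `/^\s*--exec\b/`, so both `--exec=<value>` and `--exec <value>` are rejected; confirm the existing `--receive-pack` check (exercised by `['cmd', '--receive-pack=touch /tmp/pwn1']` in the test table) is anchored the same way, because `--exec` is git push's synonym for it and the two should fail identically. The function is still called `preventUploadPack` although it now also covers receive-side options; a name such as `preventUnsafePack` would match the `allowUnsafePack` option it enforces. The new error text mirrors the existing clone message, which is good for consistency.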
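Review bot: in the plugin.unsafe.spec.ts hunk, the added case `['push', '--exec=touch /tmp/pwn2']` only exercises the `=` form, while the plugin regex is written to match a space-separated value as well; add a second row in that shape so a later tightening of the regex cannot silently drop it. Moving `['clone', '-u touch /tmp/pwn']` to the top of the table is a pure reorder that enlarges the diff without changing coverage; either leave the row in place or mention the reorder in the commit message.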
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
- github.com/advisories/GHSA-9w5j-4mwv-2wj8 [GHSA, advisory]
- nvd.nist.gov/vuln/detail/CVE-2022-25860 [GHSA, advisory]
- github.com/steveukx/git-js/commit/ec97a39ab60b89e870c5170121cd9c1603cc1951 [GHSA, web]
- github.com/steveukx/git-js/pull/881/commits/95459310e5b8f96e20bb77ef1a6559036b779e13 [GHSA, web]
- security.snyk.io/vuln/SNYK-JS-SIMPLEGIT-3177391 [GHSA, web]
News mentions
No linked articles in our index yet.