Go modules package
github.com/masterminds/vcs
pkg:golang/github.com/masterminds/vcs
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-21235 | — | < 1.13.2 | 1.13.2 | Apr 1, 2022 | The package github.com/masterminds/vcs before 1.13.3 are vulnerable to Command Injection via argument injection. When hg is executed, argument strings are passed to hg in a way that additional flags can be set. The additional flags can be used to perform a command injection. |
- CVE-2022-21235Apr 1, 2022affected < 1.13.2fixed 1.13.2
The package github.com/masterminds/vcs before 1.13.3 are vulnerable to Command Injection via argument injection. When hg is executed, argument strings are passed to hg in a way that additional flags can be set. The additional flags can be used to perform a command injection.