Advisory #5
| Title | gitjacker path traversal to remote code execution via crafted .git directory |
| CVE ID | CVE-2021-29417 |
| Vendor | Liam Galvin |
| Affected product | gitjacker |
| Affected versions | - 0.0.3 |
| Vulnerability type | CWE-22 (Path Traversal) |
| Description | gitjacker has a path traversal that allows a crafted .git directory to execute arbitrary commands once gitjacker cloned it. |
| Status | Fixed in 0.1.0 |
| Recommendation | Update to version 0.1.0 or later. |