Advisory #5
Titlegitjacker path traversal to remote code execution via crafted .git directory
CVE IDCVE-2021-29417
VendorLiam Galvin
Affected productgitjacker
Affected versions- 0.0.3
Vulnerability typeCWE-22 (Path Traversal)
Descriptiongitjacker has a path traversal that allows a crafted .git directory to execute arbitrary commands once gitjacker cloned it.
StatusFixed in 0.1.0
RecommendationUpdate to version 0.1.0 or later.