CVE-2019-10776

Published January 7th, 2020

View on NVD ↗

CVSS v3

9.8

CRITICAL

CVSS v2

7.5

HIGH

Affected

PROJECT

Description

In "index.js" file line 240, the run command executes the git command with a user controlled variable called remoteUrl. This affects git-diff-apply all versions prior to 0.22.2.

kellyselden/git-diff-apply

Use an unrelated remote repository to apply a git diff

GitHub