L33T-KR3W/push-dir

Releases8

Frequency1 month 1 week

Last Release over 9 years ago

Stars264

👉📁 Push the contents of a directory to a remote branch

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2019-10803 ↗	Feb 28, 2020Friday, 28 February 2020, 21:15	9.8 CRITICAL	7.5 HIGH
push-dir through 0.4.1 allows execution of arbritary commands. Arguments provided as part of the variable "opt.branch" is not validated before being provided to the "git" command within "index.js#L139". This could be abused by an attacker to inject arbitrary commands.