Masterminds/vcs

Releases28

Frequency2 months 3 weeks

Last Release about 4 years ago

Stars205

VCS Repo management through a common interface in Go

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2022-21235 ↗	Apr 1, 2022Friday, 1 April 2022, 16:15	8.1 HIGH	6.8 MEDIUM
The package github.com/masterminds/vcs before 1.13.3 are vulnerable to Command Injection via argument injection. When hg is executed, argument strings are passed to hg in a way that additional flags can be set. The additional flags can be used to perform a command injection.