CVE Vulnerabilities

CVE-2022-25853

Published: Feb 06, 2023 | Modified: Aug 08, 2023
CVSS 3.x
7.8
HIGH
Source:
NVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

All versions of the package semver-tags are vulnerable to Command Injection via the getGitTagsRemote function due to improper input sanitization.

Affected Software

Name Vendor Start Version End Version
Semver-tags Semver-tags_project - -

References