Severity by source
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from Vendor (snyk).
CVSS VectorVendor: snyk
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
11Blast Radius
ecosystem impact- 8,980 npm packages depend on simple-git (5,843 direct, 3,220 indirect)
Ecosystem-wide dependent count for version 3.36.0.
DescriptionCVE.org
Versions of the package simple-git before 3.36.0 are vulnerable to Remote Code Execution (RCE) due to an incomplete fix for CVE-2022-25912 that blocks the -c option but not the equivalent --config form. If untrusted input can reach the options argument passed to simple-git, an attacker may still achieve remote code execution by enabling protocol.ext.allow=always and using an ext:: clone source.
AnalysisAI
Remote code execution in simple-git before 3.36.0 allows unauthenticated attackers to execute arbitrary commands via incomplete sanitization of command-line options. The vulnerability bypasses the prior CVE-2022-25912 fix by accepting --config instead of the blocked -c flag, enabling protocol.ext.allow=always configuration and malicious ext:: URLs. Publicly available exploit code exists (POC confirmed), with EPSS score of 0.08% indicating low current exploitation probability despite the theoretical severity. SSVC framework classifies this as automatable with total technical impact.
Technical ContextAI
simple-git is a Node.js wrapper library for Git command-line operations, used to programmatically execute Git commands from JavaScript applications. This vulnerability stems from CWE-94 (Improper Control of Generation of Code), specifically incomplete input sanitization of Git command options. The library previously blocked the short-form -c flag to prevent Git configuration injection, but failed to block the functionally equivalent long-form --config flag. Git's protocol.ext.allow configuration option, when set to 'always', permits execution of arbitrary external protocol handlers. The ext:: URL scheme in Git can invoke shell commands, creating a classic command injection vector. When untrusted user input flows into simple-git's options argument (commonly in automated workflows, CI/CD pipelines, or web applications that clone repositories based on user-supplied URLs), attackers can inject --config protocol.ext.allow=always followed by an ext:: URL containing shell commands. The CPE identifier cpe:2.3:a:n/a:simple-git indicates this is a third-party Node.js package vulnerability affecting the entire simple-git library ecosystem.
RemediationAI
Upgrade simple-git to version 3.36.0 or later, which properly blocks both -c and --config flags to prevent Git configuration injection. Update package.json dependency to "simple-git": "^3.36.0" and run npm update or yarn upgrade. Vendor-confirmed fix available via GitHub commit 89a2294febed5dfe737c4c735d936bb6018746a8 at https://github.com/steveukx/git-js/commit/89a2294febed5dfe737c4c735d936bb6018746a8. If immediate upgrade is not feasible, implement strict input validation on all data passed to simple-git functions: whitelist allowed Git options using an explicit allowlist (never pass user-controlled objects directly to options parameters), validate repository URLs against a strict regex pattern allowing only https://, git://, or ssh:// schemes from trusted domains (explicitly reject ext::, file::, and other special protocols), and run Git operations in sandboxed environments with minimal privileges using containerization or restricted service accounts. Additional defense-in-depth: configure application firewalls to block outbound ext:: protocol attempts, implement Git operation timeouts to prevent long-running malicious commands, and audit existing codebases for patterns like git.clone(userInput) or git.raw([...userArray]). Note that input validation alone is insufficient for long-term security - upgrade remains the primary remediation. Advisory details at https://security.snyk.io/vuln/SNYK-JS-SIMPLEGIT-15456078 and exploit demonstration at https://gist.github.com/KKC73/02d1d97f3410756095b501fda0ac8ca6.
More in Simple Git
View allsimple-git Node.js library has a command injection vulnerability (EPSS with patch) enabling RCE when processing untruste
The package simple-git before 3.15.0 are vulnerable to Remote Code Execution (RCE) when enabling the ext transport proto
The package simple-git before 3.5.0 are vulnerable to Command Injection due to an incomplete fix of [CVE-2022-24433](htt
The package simple-git before 3.3.0 are vulnerable to Command Injection via argument injection. Rated critical severity
Same weakness CWE-94 – Code Injection
View allSame technique Code Injection
View allVendor StatusVendor
Share
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-25639
GHSA-hffm-xvc3-vprc