Ungit
1 CVEs
product
Monthly
The package ungit before 1.5.20 are vulnerable to Remote Code Execution (RCE) via argument injection. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
RCE
Ungit
NVD
GitHub
CVSS 3.1
8.8
EPSS
33.9%
CVE-2022-25766
npm
EPSS 34%
CVSS 8.8
HIGH
POC
PATCH
THREAT
This Week
The package ungit before 1.5.20 are vulnerable to Remote Code Execution (RCE) via argument injection. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
RCE
Ungit
NVD
GitHub