CVE-2018-25083

CVSS V2 None CVSS V3 None
Description
The pullit package before 1.4.0 for Node.js allows OS Command Injection because eval is used on an attacker-supplied Git branch name.
Overview
  • CVE ID
  • CVE-2018-25083
  • Assigner
  • cve@mitre.org
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2023-03-27T03:15:07
  • Last Modified Date
  • 2023-03-31T00:21:54
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:pull_it_project:pull_it:*:*:*:*:*:node.js:*:* 1 OR 1.4.0
History
Created Old Value New Value Data Type Notes
2023-04-17 03:29:13 Added to TrackCVE
2023-04-17 03:29:16 Weakness Enumeration new