Uncontrolled Search Path Element in git-bug before 0.7.2

Uncontrolled Search Path Element in git-bug before 0.7.2

CVE-2021-28955 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

git-bug before 0.7.2 has an Uncontrolled Search Path Element. It will execute git.bat from the current directory in certain PATH situations (most often seen on Windows).

Learn more about our Web Application Penetration Testing UK.