Command Injection Vulnerability in libvcs before 0.11.1 via Argument Injection

CVE-2022-21187 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

libvcs before 0.11.1 is vulnerable to command injection via argument injection. When update_repo is called for a Mercurial (hg) repository, the url parameter is placed on the hg clone command line without any check. A value that begins with "-" is therefore parsed by hg as an option rather than as a repository address, so an attacker who controls the URL can inject hg options and, through them, obtain arbitrary command execution.
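The following is an added illustration of the bug class described above; it is not libvcs code and does not reproduce the library's API. build_clone_argv_vulnerable shows the shape of the flaw: a caller-supplied URL lands in a position where hg still accepts options. build_clone_argv_hardened shows the two usual fixes: reject URLs that look like options (and require an allow-listed scheme), and place "--" before the positional arguments so hg stops option parsing. The function names, the scheme allow-list and the sample payload are this example's own assumptions; the payload only stands in for "an hg option where a URL was expected" and is never executed.

```python
"""Argument injection through a URL passed to `hg clone` (added example).

Nothing here runs hg; the functions only build and inspect argv lists so
the vulnerable and hardened shapes can be compared offline.
"""
from urllib.parse import urlsplit

# Example allow-list of schemes a repository URL may use (an assumption,
# not a libvcs setting); tighten or extend per deployment policy.
ALLOWED_SCHEMES = {"https", "http", "ssh"}


def build_clone_argv_vulnerable(url: str, dest: str) -> list[str]:
    """Shape of the bug: `url` sits where hg still parses options."""
    return ["hg", "clone", url, dest]


def looks_like_option(token: str) -> bool:
    """hg treats any token beginning with '-' as an option."""
    return token.startswith("-")


def validate_repo_url(url: str) -> str:
    """Reject option-like values and anything without an allowed scheme/host."""
    if looks_like_option(url):
        raise ValueError(f"refusing URL that starts with '-': {url!r}")
    parts = urlsplit(url)
    if parts.scheme not in ALLOWED_SCHEMES or not parts.netloc:
        raise ValueError(f"unsupported or malformed repository URL: {url!r}")
    return url


def url_is_accepted(url: str) -> bool:
    """True if validate_repo_url lets the value through."""
    try:
        validate_repo_url(url)
    except ValueError:
        return False
    return True


def build_clone_argv_hardened(url: str, dest: str) -> list[str]:
    """Validated URL, and '--' so hg stops option parsing before it."""
    safe_url = validate_repo_url(url)
    return ["hg", "clone", "--", safe_url, dest]


def injected_options(argv: list[str]) -> list[str]:
    """Tokens after the subcommand that hg would read as options.

    Option parsing ends at the first '--', so anything after it is ignored.
    """
    opts = []
    for tok in argv[2:]:
        if tok == "--":
            break
        if looks_like_option(tok):
            opts.append(tok)
    return opts


if __name__ == "__main__":
    # Constructed hostile "URL": an hg --config option instead of a repo
    # address (illustrative shape only; not executed anywhere here).
    evil = "--config=alias.clone=!echo injected"
    print("vulnerable argv injects:", injected_options(build_clone_argv_vulnerable(evil, "dest")))
    print("hardened accepts hostile value:", url_is_accepted(evil))
    print("hardened argv:", build_clone_argv_hardened("https://example.invalid/repo", "dest"))
```

The "--" terminator alone is not sufficient on its own in every code path (a value could still reach another command that lacks the terminator), which is why the builder also refuses option-like values before they are ever placed in argv; the two controls are complementary.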
