Rediscovering argument injection when using VCS tools — git and mercurial
3y agoen
Source
SnykRediscovering argument injection when using VCS tools — git and mercurialsnyk.ioIn this blog post, we aim to demonstrate common scenarios where, even when using a safe API, it’s possible to execute arbitrary commands through injection argument options.
You might also wanna read
Vulnerability in Git: Remote Code Execution Risk with git clone --recursive
Using git clone --recursive on an untrusted repo on Unix-like platforms could lead to remote code execution, highlighting a vulnerability in
Critical Vulnerability Exposes GitHub Agentic Workflows to Prompt Injection
BackBox.org·5h ago
GitLost Vulnerability Steals Private Code via GitHub AI Agents
mlllm.io·11h ago
GitHub Copilot CLI Vulnerabilities Allow Remote Code Execution and Malware Download
GitHub Copilot CLI has security vulnerabilities that allow remote code execution via indirect prompt injection, enabling malware to be downl
promptarmor.com·4mo agoChoosing Go for a Remote Code Execution Service in a Python-Dominant Environment
The article discusses the author's experience building a Go service at their workplace, which primarily uses Python. They explain why Go was
sgt.hootr.club·6mo ago
The case for GitHub Actions security after recent supply chain attacks
Datadog·1mo ago

Comments
Sign in to join the conversation.
No comments yet. Be the first.