Rewterz Threat Advisory – CVE-2022-28893 Linux Kernel Vulnerability
April 12, 2022Rewterz Threat Advisory – Multiple WordPress Plugin Vulnerabilities
April 12, 2022Rewterz Threat Advisory – CVE-2022-28893 Linux Kernel Vulnerability
April 12, 2022Rewterz Threat Advisory – Multiple WordPress Plugin Vulnerabilities
April 12, 2022Severity
High
Analysis Summary
CVE-2022-24437
Node.js git-pull-or-clone module could allow a remote attacker to execute arbitrary commands on the system, caused by a flaw in the use of the –upload-pack feature of git. By sending a specially-crafted argument to the git clone command, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
Impact
Command Execution
Indicators Of Compromise
CVE
CVE-2022-24437
Affected Vendors
Node.js
Affected Products
Node.js git-pull-or-clone 2.0.1
Remediation
Upgrade to the latest version of Node.js, available from the git-pull-or-clone GIT Repository.