Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Registrator.jl Argument Injection Vulnerability
Vulnerability Description
Registrator is a GitHub app that automates creation of registration pull requests for julia packages to the General registry. Prior to version 1.9.5, if the clone URL returned by GitHub is malicious (or can be injected using upstream vulnerabilities), an argument injection is possible in the `gettreesha()` function. This can then lead to a potential remote code execution. Users should upgrade immediately to v1.9.5 to receive a patch. All prior versions are vulnerable. No known workarounds are available.
CVSS Information
N/A
Vulnerability Type
参数注入或修改
Vulnerability Title
Julia Registrator.jl 参数注入漏洞
Vulnerability Description
Julia Registrator.jl是Julia开源的一个Julia包的注册机器人。 Julia Registrator.jl 1.9.5之前版本存在参数注入漏洞,该漏洞源于参数注入可能导致远程代码执行。
CVSS Information
N/A
Vulnerability Type
N/A