Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2021-34081 PoC — gitsome 操作系统命令注入漏洞

Source
https://github.com/jason-rodrigues/CVEX-Record
Associated Vulnerability
Title:gitsome 操作系统命令注入漏洞 (CVE-2021-34081)
Description:npm bbultman gitsome是美国npm公司的一个小型库。可帮助根据 git 存储库中的现有数据做出决策。 gitsome 0.2.3版本存在安全漏洞,该漏洞源于控制目标 git 存储库的标记名称的攻击者可能会使用 shell 元字符构造恶意命令,攻击者利用该漏洞可以执行任意命令。
Description
CVE-2021-34081
File Snapshot

 [4.0K]  /data/pocs/5c9240f0240a47c5b5e6e0803032de3418a58825
├── [ 202]  cvex.yml
├── [4.0K]  data
│   └── [ 128]  poc.js
└── [1.2K]  ubuntu.yml

1 directory, 3 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.