Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Security Issue #73

Open
jonasW3F opened this issue Dec 1, 2020 · 1 comment
Open

Security Issue #73

jonasW3F opened this issue Dec 1, 2020 · 1 comment

Comments

@jonasW3F
Copy link

jonasW3F commented Dec 1, 2020

I am using curlrequest in one of my tools and GitHub marks it as security issue:

high severity
Vulnerable versions: <= 1.0.1
Patched version: No fix
curlrequest through 1.0.1 allows execution of arbitrary commands. It is possible to inject arbitrary commands by using a semicolon char in any of the options values.

Code: CVE-2020-7646

Any way to fix this?
@HaydenMacDonald
Copy link

HaydenMacDonald commented Feb 27, 2021
edited
Loading

I have encountered the same issue.

GitHub has highlighted a specific line that triggered this security flag.

Here's hoping @chriso or someone else can fix it!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@HaydenMacDonald @jonasW3F