Miggo Logo
Miggo Vulnerability Database
CVE-2024-21531

CVE-2024-21531: git-shallow-clone Argument Injection vulnerability

5.3

CVSS Score
3.1

Basic Information

CVE ID
CVE-2024-21531
GHSA ID
GHSA-qwrq-vxvw-537r
EPSS Score
0.40504%
CWE
CWE-88
Published
10/1/2024
Updated
11/7/2024
KEV Status
No
Technology
TechnologyJavaScript

Technical Details

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Package NameEcosystemVulnerable VersionsFirst Patched Version
git-shallow-clonenpm<= 0.0.2

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stems from line 27 in index.js where user-controlled parameters are directly used in spawned git commands. The function fails to sanitize clonePath argument which gets pushed to args array (line 27) and executed via spawn('git', args). This allows attackers to inject git flags like --upload-pack through the clonePath parameter, as demonstrated in Snyk's PoC. The combination of direct user input usage in process spawning and lack of argument sanitization matches CWE-88's pattern of argument injection vulnerabilities.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

*ll v*rsions o* t** p**k*** *it-s**llow-*lon* *r* vuln*r**l* to *r*um*nt inj**tion *u* to missin* s*nitiz*tion or miti**tion *l**s in t** pro**ss v*ri**l* o* t** *itS**llow*lon* *un*tion.

Reasoning

T** vuln*r**ility st*ms *rom lin* ** in `in**x.js` w**r* us*r-*ontroll** p*r*m*t*rs *r* *ir**tly us** in sp*wn** *it *omm*n*s. T** `*un*tion` **ils to s*nitiz* `*lon*P*t*` *r*um*nt w*i** **ts pus*** to `*r*s` *rr*y (lin* **) *n* *x**ut** vi* `sp*wn('