CVE-2021-30483 – isomorphic-git: Directory traversal via a crafted repository

https://notcve.org/view.php?id=CVE-2021-30483

isomorphic-git before 1.8.2 allows Directory Traversal via a crafted repository. isomorphic-git versiones anteriores a 1.8.2, permite un Salto de Directorio por medio de un repositorio diseñado A flaw was found in isomorphic-git. An attacker could cause a Directory Traversal via a crafted filepath in a repository being cloned. • https://github.com/isomorphic-git/isomorphic-git/pull/1339 https://github.com/isomorphic-git/isomorphic-git/releases/tag/v1.8.2 https://vuln.ryotak.me/advisories/28 https://access.redhat.com/security/cve/CVE-2021-30483 https://bugzilla.redhat.com/show_bug.cgi?id=1988539 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •