CNNVD-202509-1127 Information

CNNVD ID

CNNVD-202509-1127

Related CVE

CVE-2025-59046

• CNNVD Published: 2025-09-09

Description (Chinese)

interactive-git-checkout是Nino Filiu个人开发者的一个分支切换软件。 interactive-git-checkout 1.1.4及之前版本存在命令注入漏洞，该漏洞源于未对分支名称进行输入验证或清理，可能导致命令注入攻击。

Description (English)

Interactive-git-checkout is a branch exchange software for Nino Filiu personal developers. There is a command-injecting loophole in the intactive-git-checkout 1.1.4 and earlier versions, which arises from the failure to enter or clean up branch names, which may lead to an order-injecting attack.

Hazard Level

Low

Vulnerability Type

命令注入

Affected Vendor

个人开发者

Published

2025-09-09

Last Modified

2026-02-24

References

https://github.com/ninofiliu/interactive-git-checkout/commit/8dd832dd302af287a61611f4f85e157cd1c6bb41 https://github.com/ninofiliu/interactive-git-checkout/security/advisories/GHSA-4wcm-7hjf-6xw5 https://access.redhat.com/security/cve/cve-2025-59046