QSearchQSearch

CVE-2021-3028

9.8 CRITICAL

git-big-picture before 1.0.0 mishandles ' characters in a branch name, leading to code execution

Published: 2021-01-13 · Last updated: 2026-06-17

Severity and scoring

CVSS
9.8 CRITICAL
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE
CWE-20

Affected products

VendorProduct
git-big-picture_projectgit-big-picture

Description

git-big-picture before 1.0.0 mishandles ' characters in a branch name, leading to code execution.

Source: NVD

References

Related CVEs

Same CWE

  • CVE-2026-12191 A vulnerability was found in Comma AI Openpilot 0.11 (7.8 HIGH)
  • CVE-2026-45013 ApostropheCMS is an open-source Node.js content management system (8.1 HIGH)
  • CVE-2026-54133 jmespath.php allows users to use JMESPath, software for declaratively specifying how to extract elements from a JSON document, in PHP app... (9.8 CRITICAL)
  • CVE-2026-47196 Quest Bot is an opensource Discord Bot
  • CVE-2026-50633 A JNDI Injection vulnerability has been discovered in Apache CXF's JCA integration module, which can allow for code execution, if an atta... (8.1 HIGH)