Candidate: CVE-2021-3028
PublicDate: 2021-01-13 17:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3028
 https://github.com/git-big-picture/git-big-picture/pull/27
 https://github.com/git-big-picture/git-big-picture/pull/62
 https://github.com/git-big-picture/git-big-picture/releases/tag/v1.0.0
Description:
 git-big-picture before 1.0.0 mishandles ' characters in a branch name,
 leading to code execution.
Ubuntu-Description:
Notes:
Mitigation:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H [9.8 CRITICAL]


Patches_git-big-picture:
upstream_git-big-picture: needs-triage
precise/esm_git-big-picture: DNE
trusty_git-big-picture: ignored (out of standard support)
trusty/esm_git-big-picture: DNE
xenial_git-big-picture: ignored (end of standard support, was needs-triage)
bionic_git-big-picture: needs-triage
focal_git-big-picture: DNE
groovy_git-big-picture: ignored (reached end-of-life)
hirsute_git-big-picture: ignored (reached end-of-life)
impish_git-big-picture: needs-triage
jammy_git-big-picture: needs-triage
devel_git-big-picture: needs-triage