pkg:npm/simple-git

7 total CVEsCRITICAL3HIGH4

✅ Check your installed version

All known vulnerabilities

  • CRITICAL9.8CVE-2026-6951simple-git is vulnerable to Remote Code Execution
    from 0, < 3.36.0
  • CRITICAL9.8CVE-2026-28292simple-git has blockUnsafeOperationsPlugin bypass via case-insensitive protocol.allow config key enables RCE
    >= 3.15.0, < 3.32.3
  • CRITICAL9.8CVE-2022-25860Remote code execution in simple-git
    from 0, < 3.16.0
  • HIGH8.1CVE-2026-28291simple-git Affected by Command Execution via Option-Parsing Bypass
    from 0, < 3.32.0
  • HIGH8.1CVE-2022-25912simple-git vulnerable to Remote Code Execution when enabling the ext transport protocol
    from 0, < 3.15.0
  • HIGH8.1CVE-2022-24066Command injection in simple-git
    from 0, < 3.5.0
  • HIGH8.1CVE-2022-24433Command injection in simple-git
    from 0, < 3.3.0