Loading HuntDB...

GHSA-h72j-pmww-phww

GitHub Security Advisory

⚠ Unreviewed HIGH Has CVE

Advisory Details

A vulnerability was discovered in the Keybase Client for Windows before version 5.6.0 when a user executed the "keybase git lfs-config" command on the command-line. In versions prior to 5.6.0, a malicious actor with write access to a user’s Git repository could leverage this vulnerability to potentially execute arbitrary Windows commands on a user’s local system.

Related CVEs

Key Information

GHSA ID
GHSA-h72j-pmww-phww
Published
December 15, 2021 12:00 AM
Last Modified
March 30, 2022 12:02 AM
CVSS Score
7.5 /10
Primary Ecosystem
Unknown
Primary Package
Unknown
GitHub Reviewed
✗ No

Dataset

Last updated: July 7, 2025 6:28 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.