[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2022-47318":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":69,"aliases":70,"duplicate_of":9,"upstream":71,"downstream":72,"duplicates":91,"related":92,"reserved_at":9,"published_at":94,"modified_at":95,"state":96,"summary":97,"references_raw":106,"kevs":133,"epss":134,"epss_history":137,"metrics":411,"affected":422},"CVE-2022-47318","ruby-git versions prior to v1.13.0 allows a remote authenticated attacker to execute an arbitrary ruby code by having a user to load a repository containing a specially crafted filename to the product. This vulnerability is different from CVE-2022-46648.",null,[11,18],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":9,"likelihood_of_exploit":9,"capec":17},"NVD-CWE-NOINFO","Insufficient Information","NVD uses this CWE ID when there is insufficient information to assign a specific CWE.","placeholder","NVD-Reserved",[],{"_key":19,"id":19,"name":20,"description":21,"type":22,"status":23,"abstraction":24,"likelihood_of_exploit":25,"capec":26},"CWE-94","Improper Control of Generation of Code ('Code Injection')","The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.","weakness","Draft","Base","Medium",[27,31,65],{"id":28,"name":29,"techniques":30},"CAPEC-242","Code Injection",[],{"id":32,"name":33,"techniques":34},"CAPEC-35","Leverage Executable Code in Non-Executable Files",[35,46,53],{"id":36,"name":37,"tactics":38,"countermeasures":45},"T1027.006","HTML Smuggling",[39,42],{"id":40,"name":41},"TA0030","Defense Evasion",{"id":43,"name":44},"TA0005","Stealth",[],{"id":47,"name":48,"tactics":49,"countermeasures":52},"T1027.009","Embedded Payloads",[50,51],{"id":40,"name":41},{"id":43,"name":44},[],{"id":54,"name":55,"tactics":56,"countermeasures":59},"T1564.009","Resource Forking",[57,58],{"id":40,"name":41},{"id":43,"name":44},[60],{"id":61,"name":62,"tactic":63},"D3-FFV","File Format Verification",{"name":64},"Isolate",{"id":66,"name":67,"techniques":68},"CAPEC-77","Manipulating User-Controlled Variables",[],[],[],[],[73,75,77,79,81,83,85,87,89],{"_key":74},"UBUNTU-CVE-2022-47318",{"_key":76},"DLA-4406-1",{"_key":78},"DLA-3303-1",{"_key":80},"MGASA-2023-0097",{"_key":82},"DEBIAN-CVE-2022-47318",{"_key":84},"RHSA-2023:5931",{"_key":86},"RHSA-2023:5979",{"_key":88},"RHSA-2023:5980",{"_key":90},"RHSA-2023:6818",[],[93],{"_key":80},"2023-01-17T00:00:00.000Z","2025-04-04T15:54:32.976Z","Modified",{"cisa_kev":98,"cisa_ransomware":98,"cisa_vendor":9,"epss_severity":99,"epss_score":100,"severity":101,"severity_score":102,"severity_version":103,"severity_source":104,"severity_vector":105,"severity_status":96},false,"low",0.00465,"high",8.8,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",[107,114,119,123,128],{"url":108,"sources":109,"tags":111},"https://github.com/ruby-git/ruby-git",[104,110],"nvd",[112,113],"Product","Third Party Advisory",{"url":115,"sources":116,"tags":117},"https://github.com/ruby-git/ruby-git/pull/602",[104,110],[118,113],"Patch",{"url":120,"sources":121,"tags":122},"https://jvn.jp/en/jp/JVN16765254/index.html",[104,110],[113],{"url":124,"sources":125,"tags":126},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4KPFLSZPUM7APWVBRM5DCAY5OUVQBF4K/",[104,110],[127],"Vendor Advisory",{"url":129,"sources":130,"tags":131},"https://lists.debian.org/debian-lts-announce/2023/01/msg00043.html",[104,110],[132,113],"Mailing List",[],{"date":135,"score":100,"percentile":136},"2026-06-04",0.64708,[138,142,145,148,151,154,157,160,162,165,169,172,175,178,181,185,188,191,194,197,200,203,206,209,212,215,218,221,224,227,230,233,236,239,241,244,247,250,253,256,259,262,265,267,270,273,276,279,282,285,289,292,295,297,300,303,306,309,312,315,318,321,324,327,330,333,336,339,342,345,348,351,354,357,360,363,367,370,373,376,379,383,386,389,392,396,399,402,405,408],{"date":139,"score":140,"percentile":141},"2025-11-04",0.00693,0.71065,{"date":143,"score":140,"percentile":144},"2025-11-05",0.7105,{"date":146,"score":140,"percentile":147},"2025-11-06",0.71047,{"date":149,"score":140,"percentile":150},"2025-11-07",0.71062,{"date":152,"score":140,"percentile":153},"2025-11-08",0.71061,{"date":155,"score":140,"percentile":156},"2025-11-09",0.71053,{"date":158,"score":140,"percentile":159},"2025-11-10",0.71039,{"date":161,"score":140,"percentile":147},"2025-11-11",{"date":163,"score":140,"percentile":164},"2025-11-12",0.7107,{"date":166,"score":167,"percentile":168},"2025-11-13",0.007,0.71216,{"date":170,"score":167,"percentile":171},"2025-11-14",0.71224,{"date":173,"score":167,"percentile":174},"2025-11-15",0.71225,{"date":176,"score":167,"percentile":177},"2025-11-16",0.71221,{"date":179,"score":167,"percentile":180},"2025-11-17",0.71215,{"date":182,"score":183,"percentile":184},"2025-11-18",0.0101,0.75167,{"date":186,"score":183,"percentile":187},"2025-11-19",0.75174,{"date":189,"score":183,"percentile":190},"2025-11-20",0.75183,{"date":192,"score":167,"percentile":193},"2025-11-21",0.71239,{"date":195,"score":167,"percentile":196},"2025-11-22",0.71232,{"date":198,"score":167,"percentile":199},"2025-11-23",0.71213,{"date":201,"score":167,"percentile":202},"2025-11-24",0.71206,{"date":204,"score":167,"percentile":205},"2025-11-25",0.71209,{"date":207,"score":167,"percentile":208},"2025-11-26",0.71214,{"date":210,"score":167,"percentile":211},"2025-11-27",0.71217,{"date":213,"score":167,"percentile":214},"2025-11-28",0.71205,{"date":216,"score":167,"percentile":217},"2025-11-29",0.71195,{"date":219,"score":167,"percentile":220},"2025-11-30",0.71189,{"date":222,"score":167,"percentile":223},"2025-12-01",0.7133,{"date":225,"score":167,"percentile":226},"2025-12-02",0.71344,{"date":228,"score":167,"percentile":229},"2025-12-03",0.71343,{"date":231,"score":167,"percentile":232},"2025-12-04",0.71197,{"date":234,"score":167,"percentile":235},"2025-12-05",0.71208,{"date":237,"score":167,"percentile":238},"2025-12-06",0.7121,{"date":240,"score":167,"percentile":199},"2025-12-07",{"date":242,"score":167,"percentile":243},"2025-12-08",0.71218,{"date":245,"score":167,"percentile":246},"2025-12-09",0.71249,{"date":248,"score":167,"percentile":249},"2025-12-10",0.71284,{"date":251,"score":167,"percentile":252},"2025-12-11",0.71307,{"date":254,"score":167,"percentile":255},"2025-12-12",0.71331,{"date":257,"score":167,"percentile":258},"2025-12-13",0.71336,{"date":260,"score":167,"percentile":261},"2025-12-14",0.71337,{"date":263,"score":167,"percentile":264},"2025-12-15",0.71334,{"date":266,"score":167,"percentile":229},"2025-12-16",{"date":268,"score":167,"percentile":269},"2025-12-17",0.71359,{"date":271,"score":167,"percentile":272},"2025-12-18",0.7138,{"date":274,"score":167,"percentile":275},"2025-12-19",0.71399,{"date":277,"score":167,"percentile":278},"2025-12-20",0.71397,{"date":280,"score":167,"percentile":281},"2025-12-21",0.7139,{"date":283,"score":167,"percentile":284},"2025-12-22",0.71389,{"date":286,"score":287,"percentile":288},"2025-12-23",0.00719,0.71872,{"date":290,"score":287,"percentile":291},"2025-12-24",0.71877,{"date":293,"score":287,"percentile":294},"2025-12-25",0.71902,{"date":296,"score":287,"percentile":294},"2025-12-26",{"date":298,"score":287,"percentile":299},"2025-12-27",0.71936,{"date":301,"score":287,"percentile":302},"2025-12-28",0.71878,{"date":304,"score":287,"percentile":305},"2025-12-29",0.71875,{"date":307,"score":287,"percentile":308},"2025-12-30",0.71889,{"date":310,"score":287,"percentile":311},"2025-12-31",0.7191,{"date":313,"score":287,"percentile":314},"2026-01-01",0.72056,{"date":316,"score":287,"percentile":317},"2026-01-02",0.72051,{"date":319,"score":287,"percentile":320},"2026-01-03",0.7205,{"date":322,"score":287,"percentile":323},"2026-01-04",0.71913,{"date":325,"score":167,"percentile":326},"2026-01-05",0.7143,{"date":328,"score":167,"percentile":329},"2026-01-06",0.7144,{"date":331,"score":167,"percentile":332},"2026-01-07",0.71453,{"date":334,"score":167,"percentile":335},"2026-01-08",0.71469,{"date":337,"score":167,"percentile":338},"2026-01-09",0.71477,{"date":340,"score":167,"percentile":341},"2026-01-10",0.71473,{"date":343,"score":167,"percentile":344},"2026-01-11",0.71466,{"date":346,"score":167,"percentile":347},"2026-01-12",0.71458,{"date":349,"score":167,"percentile":350},"2026-01-13",0.71457,{"date":352,"score":167,"percentile":353},"2026-01-14",0.71481,{"date":355,"score":167,"percentile":356},"2026-01-15",0.71485,{"date":358,"score":167,"percentile":359},"2026-01-16",0.71501,{"date":361,"score":167,"percentile":362},"2026-01-17",0.71496,{"date":364,"score":365,"percentile":366},"2026-01-18",0.00546,0.67227,{"date":368,"score":365,"percentile":369},"2026-01-19",0.6721,{"date":371,"score":365,"percentile":372},"2026-01-20",0.67223,{"date":374,"score":365,"percentile":375},"2026-01-21",0.67236,{"date":377,"score":365,"percentile":378},"2026-01-22",0.67246,{"date":380,"score":381,"percentile":382},"2026-01-23",0.00531,0.66713,{"date":384,"score":381,"percentile":385},"2026-01-24",0.66722,{"date":387,"score":381,"percentile":388},"2026-01-25",0.66692,{"date":390,"score":381,"percentile":391},"2026-01-26",0.66682,{"date":393,"score":394,"percentile":395},"2026-01-27",0.0061,0.69195,{"date":397,"score":394,"percentile":398},"2026-01-28",0.69206,{"date":400,"score":394,"percentile":401},"2026-01-29",0.69204,{"date":403,"score":394,"percentile":404},"2026-01-30",0.69211,{"date":406,"score":394,"percentile":407},"2026-01-31",0.69217,{"date":409,"score":394,"percentile":410},"2026-02-01",0.69363,[412,417],{"source":104,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":413,"cvss_v4_0":9},{"baseScore":102,"baseSeverity":414,"vectorString":105,"impactScore":415,"exploitabilityScore":416},"HIGH",9.8,7.2,{"source":110,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":418,"cvss_v4_0":9},{"baseScore":419,"baseSeverity":414,"vectorString":420,"impactScore":415,"exploitabilityScore":421},8,"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",5.4,[423,432,438,448],{"ecosystem":9,"name":424,"vendor":425,"product":426,"cpe_part":427,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":428},"debian linux","debian","debian_linux","o",[429],{"version":430,"is_range":98,"range_type":431,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.0","cpe",{"ecosystem":9,"name":433,"vendor":434,"product":433,"cpe_part":427,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":435},"fedora","fedoraproject",[436],{"version":437,"is_range":98,"range_type":431,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"37",{"ecosystem":9,"name":439,"vendor":440,"product":439,"cpe_part":441,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":442},"ruby-git","ruby-git_project","a",[443],{"version":444,"is_range":445,"range_type":431,"version_start":9,"version_start_type":9,"version_end":446,"version_end_type":447,"fixed_in":9},"lt1.13.0",true,"1.13.0","excluding",{"ecosystem":9,"name":439,"vendor":439,"product":439,"cpe_part":441,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":449},[450],{"version":451,"is_range":98,"range_type":104,"version_start":451,"version_start_type":452,"version_end":451,"version_end_type":452,"fixed_in":9},"versions prior to v1.13.0","including"]