isomorphic-git before 1.8.2 allows Directory Traversal via a crafted repository. References: https://github.com/isomorphic-git/isomorphic-git/pull/1339 https://vuln.ryotak.me/advisories/28 https://github.com/isomorphic-git/isomorphic-git/releases/tag/v1.8.2
This issue has been addressed in the following products: Red Hat Virtualization Engine 4.4 Red Hat Virtualization 4 for Red Hat Enterprise Linux 8 Via RHSA-2023:0074 https://access.redhat.com/errata/RHSA-2023:0074
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2021-30483