cocoapods-downloader (RubyGems) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the RubyGems package cocoapods-downloader, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (2)
CVE-2022-21223 — CVSS 8.1 (high): The package cocoapods-downloader before 1.6.2 are vulnerable to Command Injection via hg argument injection. When calling the download…
CVE-2022-24440 — CVSS 8.1 (high): The package cocoapods-downloader before 1.6.0, from 1.6.2 and before 1.6.3 are vulnerable to Command Injection via git argument injection…