-
Marc Cornellà authoredThe pygmalion and pygmalion-virtualenv themes unsafely handle git prompt information which results in a double evaluation of this information, so a malicious git repository could trigger a command injection if the user cloned and entered the repository. A similar method could be used in the refined theme. All themes have been patched against this vulnerability.
| Name |
Last commit
|
Last update |
|---|---|---|
| .github | ||
| cache | ||
| custom | ||
| lib | ||
| log | ||
| plugins | ||
| templates | ||
| themes | ||
| tools | ||
| .editorconfig | ||
| .gitignore | ||
| .gitpod.Dockerfile | ||
| .gitpod.yml | ||
| CODE_OF_CONDUCT.md | ||
| CONTRIBUTING.md | ||
| LICENSE.txt | ||
| README.md | ||
| SECURITY.md | ||
| oh-my-zsh.sh |