CVE-2026-28292: simple-git has blockUnsafeOperationsPlugin bypass via case-insensitive protocol.allow config key enables RCE
The blockUnsafeOperationsPlugin in simple-git fails to block git protocol
override arguments when the config key is passed in uppercase or mixed case.
An attacker who controls arguments passed to git operations can enable the
ext:: protocol by passing -c PROTOCOL.ALLOW=always, which executes an
arbitrary OS command on the host machine.
| # | Vector | Payload | Sentinel file | Result |
|---|---|---|---|---|
| 1 | CVE-2022-25912 original | protocol.ext.allow=always (lowercase) | not created | Blocked ✅ |
| 2 | Case-sensitivity bypass | PROTOCOL.ALLOW=always (uppercase) | /tmp/pwn-codeant created | RCE ⚠️ |
| 3 | Real-world app scenario | PROTOCOL.ALLOW=always + attacker URL | /tmp/pwn-realworld created | RCE ⚠️ |
The case-sensitive regex in preventProtocolOverride blocks protocol.*.allow but does not account for uppercase or mixed-case variants. Git accepts all variants identically due to case-insensitive config key normalisation, allowing full bypass of the protection in all versions of simple-git that carry the 2022 fix.
/tmp/pwned is created by the git subprocess via the ext:: protocol.
All of the following bypass the check:
| Argument passed via -c | Regex matches? | Git honours it? |
|---|---|---|
| protocol.allow=always | ✅ blocked | ✅ |
| PROTOCOL.ALLOW=always | ❌ bypassed | ✅ |
| Protocol.Allow=always | ❌ bypassed | ✅ |
| PROTOCOL.allow=always | ❌ bypassed | ✅ |
| protocol.ALLOW=always | ❌ bypassed | ✅ |
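The mismatch above, as an added example that is not simple-git's own source: a simplified model of a pre-spawn argument guard, with the case-sensitive pattern beside a case-insensitive one, run over the key variants in the table. The regexes, function names and sample argument lists are assumptions for illustration.

```javascript
'use strict';

// Modelled checks. Git lowercases the section and variable name of a
// config key before use, so "PROTOCOL.ALLOW" and "protocol.allow" are the
// same setting; a guard that compares case-sensitively therefore misses
// most spellings that git accepts. Both patterns are illustrative
// assumptions, not the regex actually used in simple-git.
const VULNERABLE_PATTERN = /^protocol(\.[^.=]+)?\.allow=/;
const HARDENED_PATTERN = /^protocol(\.[^.=]+)?\.allow=/i;

// Returns every `-c key=value` argument in argv whose key=value text
// matches `pattern`. Only the two-argument form `-c <key=value>` is modelled.
// Matching any subsection text (protocol.<anything>.allow) is the
// conservative choice, so per-scheme keys are caught as well.
function findProtocolOverrides(argv, pattern) {
  const hits = [];
  for (let i = 0; i + 1 < argv.length; i++) {
    if (argv[i] === '-c' && pattern.test(argv[i + 1])) hits.push(argv[i + 1]);
  }
  return hits;
}

// Guard in the style of a plugin that inspects arguments before git is
// spawned: throw on any protocol override, otherwise hand argv back.
function assertNoProtocolOverride(argv, pattern = HARDENED_PATTERN) {
  const hits = findProtocolOverrides(argv, pattern);
  if (hits.length > 0) {
    throw new Error(`blocked unsafe git config override: ${hits.join(', ')}`);
  }
  return argv;
}

// Constructed sample: the variants listed on this page plus a harmless key
// that a correct guard must never block.
const SAMPLE_KEYS = [
  'protocol.allow=always',
  'PROTOCOL.ALLOW=always',
  'Protocol.Allow=always',
  'PROTOCOL.allow=always',
  'protocol.ALLOW=always',
  'protocol.ext.allow=always',
  'core.pager=cat', // benign
];

// Which sample keys does a given pattern block when passed as `-c <key>`?
function blockedBy(pattern) {
  return SAMPLE_KEYS.filter(
    (kv) => findProtocolOverrides(['-c', kv, 'fetch'], pattern).length > 0,
  );
}
```

The case-sensitive pattern blocks only the two all-lowercase keys; the case-insensitive one blocks all six protocol keys and leaves `core.pager=cat` alone.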