.. / git-fetch

• Command

Command

It can be used to break out from restricted environments by running non-interactive system commands.

• git fetch origin '--upload-pack=sleep 30; git@g.com/a/b'

References

• CVE-2019-13139 - Docker build code execution