Описание
Command Injection in fs-git
Affected versions of fs-git do not sanitize strings passed into the buildCommand method, resulting in arbitrary code execution.
Recommendation
Update to version 1.0.2 or later.
Пакеты
Наименование
fs-git
npm
Затронутые версииВерсия исправления
< 1.0.2
1.0.2
CVE ID
Дефекты
CWE-77
Связанные уязвимости
CVE ID
Дефекты
CWE-77