Описание
Command injection in get-git-data
get-git-data through 1.3.1 is vulnerable to Command Injection. It is possible to inject arbitrary commands as part of the arguments provided to get-git-data.
Пакеты
Наименование
get-git-data
npm
Затронутые версииВерсия исправления
<= 1.3.1
Отсутствует
Связанные уязвимости
CVSS3: 9.8
nvd
почти 6 лет назад
get-git-data through 1.3.1 is vulnerable to Command Injection. It is possible to inject arbitrary commands as part of the arguments provided to get-git-data.