0.021 Low
EPSS
Percentile
89.1%
Affected versions of the async-git package allow OS Command Injection via shell metacharacters, as demonstrated by git.reset and git.tag.
async-git
git.reset
git.tag
Upgrade to version 1.13.2 or later.