Command Injection

2017-08-29T16:47:06
ID NODEJS:360
Type nodejs
Reporter micaksica
Modified 2018-05-08T14:27:01

Description

Overview

Affected versions of fs-git do not sanitize strings passed into the buildCommand method, resulting in arbitrary code execution.

Recommendation

Update to version 1.0.2 or later.

References

Commit #eb5f70e