CVE-2025-59433
The CVE-2025-59433 vulnerability affects the @conventional-changelog/git-client library prior to v2.0.0. Affected API: getTags() does not sanitize or validate user-supplied parameters, allowing crafted arguments to be passed to the underlying git log command (e.g., --output=), which can enable ar...