Misinterpretation of Input
Overview @finos/git-proxy is a Deploy custom push protections and policies on top of Git. Affected versions of this package are vulnerable to Misinterpretation of Input via the parsePush.ts file. An attacker can bypass approval mechanisms or hide commits by crafting a malicious Git packfile that...