2 matches found
CVE-2021-44684
naholyr github-todos 3.1.0 is vulnerable to command injection. The range argument for the hook subcommand is concatenated without any validation, and is directly used by the exec function...
CVE-2021-44684
CVE-2021-44684 affects naholyr/github-todos 3.1.0. The range argument for the _hook subcommand is concatenated without validation and passed directly to exec, enabling potential command injection. No remediation details are provided in the supplied documents; monitor for patches/advisories.