GHSA-9GQR-XP86-F87H Code injection in npm git
All versions of package git are vulnerable to Remote Code Execution RCE due to missing sanitization in the Git.git method, which allows execution of OS commands rather than just git commands. At this time, there is no known workaround. There has been no patch released...