EPSS
Percentile
58.0%
gitsome is vulnerable to os command injection. The vulnerability exists when initializing an unsupported git repository which allows an attacker to inject and execute arbitrary commands via crafted tag names of the repository.
advisory.checkmarx.net/advisory/CX-2021-4780
advisory.checkmarx.net/advisory/CX-2021-4780/
github.com/advisories/GHSA-9v73-x562-wv5x
www.npmjs.com/package/gitsome