EPSS
Percentile
12.6%
fs-git is vulnerable to command injection attacks. These attacks are possible because the buildCommand function doesn’t sanitize data before constructing exec strings, allowing attackers to insert and execute commands.
buildCommand
github.com/vvakame/fs-git/commit/eb5f70efa5cfbff1ab299fa7daaa5de549243998
nodesecurity.io/advisories/360