GHSA-vqgr-mfxm-47f3, CVE-2020-28422
npm/git-archive
Improper Neutralization of Special Elements used in a Command ('Command Injection')
All versions of package git-archive is vulnerable to Command Injection via the exports function.
All versions up to 0.1.4
Unfortunately, there is no solution available yet.
2022-08-09
source |