CVE-2022-24376

OS Command Injection in git-promise in npm/git-promise

Identifiers

GHSA-chj3-f7xw-367m, CVE-2022-24376

Package Slug

npm/git-promise

Vulnerability

OS Command Injection in git-promise

Description

All versions of package git-promise is vulnerable to Command Injection due to an inappropriate fix of a prior vulnerability in this package.

Affected Versions

All versions up to 1.0.0

Solution

Unfortunately, there is no solution available yet.

Last Modified

2022-06-17

source