interactive-git-checkout has a Command Injection vulnerability
The npm package interactive-git-checkout is an interactive command-line tool that allows users to checkout a git branch while it prompts for the branch name on the command-line. It is available as an npm package and can be installed via npm install -g interactive-git-checkout. Resources: Project's npm package: https://www.npmjs.com/package/interactive-git-checkout