willitmerge has a Command Injection vulnerability
willitmerge describes itself as a command line tool to check if pull requests are mergeable. There is a Command Injection vulnerability in version willitmerge@0.2.1. Resources: Project's GitHub source code: https://github.com/shama/willitmerge/ Project's npm package: https://www.npmjs.com/package/willitmerge