Articles tagged for: nodejs

Argument Injection vulnerability in git-blame@1.4.0

The git-blame npm package is vulnerable to Argument Injection via the `rev` parameter allowing arbitrary command injection.
Nov 22, 2025 ~ 2 min read
nodejs
vulnerability
command injection
Argument Injection vulnerability in `gits@0.1.8`

An Argument Injection vulnerability was discovered in the `gits` npm package that could allow attackers to execute arbitrary commands on the host
Nov 22, 2025 ~ 1 min read
nodejs
vulnerability
command injection
Command Injection vulnerability in `@fab1o/git@1.4.0`

A Command Injection vulnerability in the `@fab1o/git` npm package allows attackers to execute arbitrary commands on the host system via unsanitized user input passed to the `exec()` function.
Nov 22, 2025 ~ 1 min read
nodejs
vulnerability
command injection
Command Injection vulnerability in `git-contributors` via unsanitized CLI arguments

A Command Injection vulnerability was discovered in the `git-contributors` npm package that allows attackers to execute arbitrary commands by manipulating the options object passed to the library's API.
Nov 22, 2025 ~ 3 min read
nodejs
vulnerability
command injection
Command Injection vulnerability in `git-q@0.0.3`

Publicly disclosing a Command Injection vulnerability in the `git-q` npm package, which allows attackers to execute arbitrary commands on the host system via unsanitized user input.
Nov 22, 2025 ~ 1 min read
nodejs
vulnerability
command injection
Command injection vulnerability via unsanitized CLI arguments in touxing/fast-git-clone

A command injection vulnerability exists for this command line tool that is available on the npmjs registry.
Nov 22, 2025 ~ 1 min read
nodejs
vulnerability
command injection

Newer posts

Older posts