npm package
fs-git
pkg:npm/fs-git
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-16087 | hig | — | < 1.0.2 | 1.0.2 | May 29, 2019 | ## Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-wp3j-gv53-4pg8. This link is maintained to preserve external references. ## Original Description Affected versions of `fs-git` do not sanitize strings passed into the `buildCommand` method, | |
| CVE-2017-1000451 | — | < 1.0.2 | 1.0.2 | Jan 2, 2018 | fs-git is a file system like api for git repository. The fs-git version 1.0.1 module relies on child_process.exec, however, the buildCommand method used to construct exec strings does not properly sanitize data and is vulnerable to command injection across all methods that use it |
- affected < 1.0.2fixed 1.0.2
## Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-wp3j-gv53-4pg8. This link is maintained to preserve external references. ## Original Description Affected versions of `fs-git` do not sanitize strings passed into the `buildCommand` method,
- CVE-2017-1000451Jan 2, 2018affected < 1.0.2fixed 1.0.2
fs-git is a file system like api for git repository. The fs-git version 1.0.1 module relies on child_process.exec, however, the buildCommand method used to construct exec strings does not properly sanitize data and is vulnerable to command injection across all methods that use it