npm package
gitlabhook
pkg:npm/gitlabhook
Malware
2 malicious versions on record
One or more versions of this package have been flagged as containing malicious code. Audit any system that installed an affected version.
- GHSA-j3j5-6vwf-m387Malware in gitlabhookJun 19, 2023
- MAL-2023-476Malicious code in gitlabhook (npm)Jun 17, 2023
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-5485 | — | <= 0.0.17 | — | Sep 13, 2019 | NPM package gitlabhook version 0.0.17 is vulnerable to a Command Injection vulnerability. Arbitrary commands can be injected through the repository name. |
- CVE-2019-5485Sep 13, 2019affected <= 0.0.17
NPM package gitlabhook version 0.0.17 is vulnerable to a Command Injection vulnerability. Arbitrary commands can be injected through the repository name.