VYPR

npm package

pullit

pkg:npm/pullit

Vulnerabilities (1)

  • CVE-2018-25083Mar 27, 2023
    affected < 1.4.0fixed 1.4.0

    The pullit package before 1.4.0 for Node.js allows OS Command Injection because eval is used on an attacker-supplied Git branch name.