VDB
KO
CRITICAL 9.8

GHSA-h9v8-rm3m-5h5f

OS Command Injection in git-add-remote

Details

git-add-remote through 1.0.0 is vulnerable to Command Injection. It allows execution of arbitrary commands via the name argument.

Are you affected?

Enter the version of the package you're using.

Affected packages

npm / git-add-remote
Introduced in: 0

No fixed version published yet for git-add-remote (npm). Pin to a known-safe version or switch to an alternative.

References