← Back

Git Commit Info

git-commit-info

Vendor: Git Commit Info Project • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-26134
1Git Commit Info Project
1Git Commit Info
Jun 17, 2026
Jun 28, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
Versions of the package git-commit-info before 2.0.2 are vulnerable to Command Injection such that the package-exported method gitCommitInfo () fails to sanitize its parameter commit, which later flows into a sensitive c...Show more
Versions of the package git-commit-info before 2.0.2 are vulnerable to Command Injection such that the package-exported method gitCommitInfo () fails to sanitize its parameter commit, which later flows into a sensitive command execution API. As a result, attackers may inject malicious commands once they control the hash content.Show less