← Back

Pull It

pull_it

Vendor: Pull It Project • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2018-25083
1Pull It Project
1Pull It
Feb 24, 2025
Mar 27, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
The pullit package before 1.4.0 for Node.js allows OS Command Injection because eval is used on an attacker-supplied Git branch name.