Jon Kuperman

1 exploit Active since Mar 2023
CVE-2018-25083 WRITEUP CRITICAL WRITEUP
pullit < 1.4.0 - OS Command Injection via Git Branch Name
The pullit package before 1.4.0 for Node.js allows OS Command Injection because eval is used on an attacker-supplied Git branch name.
CVSS 9.8