jkup/pullit

Releases0

Stars182

Display and pull branches from GitHub pull requests

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2018-25083 ↗	Mar 27, 2023Monday, 27 March 2023, 03:15	9.8 CRITICAL	—
The pullit package before 1.4.0 for Node.js allows OS Command Injection because eval is used on an attacker-supplied Git branch name.