CVE-2017-1000451

Name of the Vulnerable Software and Affected Versions fs-git version 1.0.1

Description The issue concerns a command injection problem. The buildCommand method in the fs-git module does not properly sanitize data, making it vulnerable to command injection across all methods that use it and call child process.exec.

Recommendations For fs-git version 1.0.1, consider disabling the buildCommand method until a patch is available to prevent command injection attacks. Restrict access to the child process.exec function to minimize the risk of exploitation. Avoid using the buildCommand method in the affected API endpoints until the issue is resolved.