Mikaelbr

**Name of the Vulnerable Software and Affected Versions** mversion versions prior to 2.0.0 **Description** This issue may lead to remote code execution if a client of the library calls the vulnerable method with untrusted input. The vulnerability is related to a command injection issue. To mitigate this, it is recommended to escape git commit messages when using the `commitMessage` option for the `update` function. **Recommendations** For versions prior to 2.0.0, update to version 2.0.0 to resolve the issue. As a temporary workaround, make sure to escape git commit messages when using the `commitMessage` option for the `update` function.