Gitlog · Gitlog · CVE-2021-26541
**Name of the Vulnerable Software and Affected Versions**
gitlog versions prior to 4.0.4
**Description**
The issue is related to a command injection vulnerability in the gitlog function, located in src/index.ts. This vulnerability can be exploited due to insufficient input validation, allowing an attacker to inject malicious commands.
**Recommendations**
For versions prior to 4.0.4, update to version 4.0.4 or later to resolve the command injection vulnerability in the gitlog function. As a temporary workaround, consider restricting the use of the gitlog function until a patch is applied.