Name of the Vulnerable Software and Affected Versions gitting versions (affected versions not specified)

Description The issue concerns a Command Injection problem. The package fails to sanitize input, passing it directly to an exec call, which may allow attackers to execute arbitrary code in the system. The pull function is vulnerable through the branch variable.

Recommendations Consider using an alternative package until a fix is made available. As a temporary workaround, consider disabling the pull function or restricting the use of the branch variable to minimize the risk of exploitation.