PT-2020-21313 · Github · Git-Tags-Remote

Published: 2020-07-29 · Updated: 2020-07-29

CVSS v3.1: 7.2 (High)

Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

git-tags-remote versions (affected versions not specified)

Description

The issue is a command injection. The package does not properly sanitize the repository input, which is passed directly to an exec call in the get function. This could allow attackers to execute arbitrary code on the system if the repo value passed to the function is under user control.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.
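
With no fixed version listed, one caller-side mitigation is to validate the repo value against an allow-list and run git without a shell. The code below is an added example, not code from git-tags-remote; the function names, the allow-list pattern and the 15-second timeout are assumptions.

```javascript
'use strict';

// Added example (hypothetical wrapper, not the package's code).
// Allow-list: only https:// or ssh:// URLs built from a conservative
// character set. Shell metacharacters, whitespace, local paths and
// other transports are refused.
const SAFE_REPO = /^(?:https|ssh):\/\/[A-Za-z0-9._~@:\/-]+$/;

// Build the argument vector for `git ls-remote --tags`.
function buildLsRemoteArgs(repo) {
  if (typeof repo !== 'string' || repo.length > 2048) {
    throw new TypeError('repo must be a string of at most 2048 characters');
  }
  if (!SAFE_REPO.test(repo)) {
    throw new Error('repo rejected by allow-list');
  }
  // "--" ends option parsing, so the value can never be read as a git option.
  return ['ls-remote', '--tags', '--', repo];
}

// Parse `git ls-remote --tags` output into a Map of tag name -> object id.
function parseTags(stdout) {
  const tags = new Map();
  for (const line of stdout.split('\n')) {
    const m = /^([0-9a-f]{40,64})\trefs\/tags\/(.+?)(\^\{\})?$/.exec(line);
    if (!m) continue;
    // A peeled entry (^{}) gives the commit behind an annotated tag; prefer it.
    if (m[3] || !tags.has(m[2])) tags.set(m[2], m[1]);
  }
  return tags;
}

// execFile passes each array element to git as one argv entry and starts
// no shell, so the repo value is never interpreted as shell syntax.
async function listRemoteTags(repo) {
  const { execFile } = await import('node:child_process');
  const { promisify } = await import('node:util');
  const run = promisify(execFile);
  const { stdout } = await run('git', buildLsRemoteArgs(repo), { timeout: 15000 });
  return parseTags(stdout);
}
```

The validation and the shell-free call are independent layers: the allow-list limits which remotes git will contact, and the argument array removes the shell from the path entirely.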

OS Command Injection

Weakness Enumeration

Related Identifiers

GHSA-GM9X-Q798-HMR4

Affected Products

Git-Tags-Remote