PT-2025-39374 · Unknown · Git-Commiters

Published: 2025-09-22 · Updated: 2025-09-25 · CVE-2025-59831

CVSS v4.0: 8.7
Vector: AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

**Name of the Vulnerable Software and Affected Versions**

git-commiters versions prior to 0.1.2

**Description**

git-commiters is a Node.js function module used to provide committers statistics for a git repository. A command injection issue exists due to insufficient input sanitization and insecure process execution. The primary API, `gitCommiters(options, callback)`, is affected, specifically when utilizing the `cwd` (current working directory) and `revisionRange` options. User-supplied input is concatenated into command execution without proper separation of commands and arguments, potentially allowing for arbitrary command execution.
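The pattern described above, next to a hardened form, as an added example that is not git-commiters' code or its 0.1.2 fix. The function names, the `git shortlog` invocation and the allowlist regex are assumptions made for illustration.

```javascript
// Added example, not git-commiters source: names and the git command are assumptions.
const { execFile } = require("node:child_process");
const fs = require("node:fs");
const path = require("node:path");

// Constructed input: a revisionRange value carrying a shell metacharacter.
const SAMPLE_UNTRUSTED = { cwd: ".", revisionRange: "main; echo INJECTED" };

// Vulnerable pattern: one concatenated shell string, so the shell decides
// where arguments and commands end.
function buildShellCommandUnsafe({ cwd, revisionRange }) {
  return `cd ${cwd} && git shortlog -s -n -e ${revisionRange}`;
}

// Allowlist: ref-name characters and range operators; no leading "-", so the
// value can never be parsed as a git option.
const REVISION_RANGE = /^[A-Za-z0-9_][A-Za-z0-9_.\/~^@{}-]*$/;

function validateOptions({ cwd = ".", revisionRange = "HEAD" } = {}) {
  if (typeof revisionRange !== "string" || !REVISION_RANGE.test(revisionRange)) {
    throw new TypeError("revisionRange contains unsupported characters");
  }
  if (typeof cwd !== "string" || cwd.includes("\0")) {
    throw new TypeError("cwd must be a path string");
  }
  const dir = path.resolve(cwd);
  if (!fs.statSync(dir, { throwIfNoEntry: false })?.isDirectory()) {
    throw new TypeError("cwd is not an existing directory");
  }
  return { cwd: dir, revisionRange };
}

// Hardened form: program and arguments stay separate and no shell is started;
// cwd is handed to the process API instead of a "cd" prefix.
function buildExecFileCall(options) {
  const { cwd, revisionRange } = validateOptions(options);
  const args = ["shortlog", "-s", "-n", "-e", revisionRange];
  return { file: "git", args, opts: { cwd, shell: false } };
}

function committers(options, callback) {
  let call;
  try { call = buildExecFileCall(options); } catch (err) { return callback(err); }
  execFile(call.file, call.args, call.opts, (err, stdout) => {
    if (err) return callback(err);
    const rows = stdout.split("\n").filter(Boolean).map((line) => line.trim().split("\t"));
    callback(null, rows.map(([commits, name]) => ({ commits: Number(commits), name })));
  });
}
```

With the constructed input, the concatenated string contains a second command after the `;`, while the hardened path rejects the value before any process is started.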

**Recommendations**

Update git-commiters to version 0.1.2 or later.

Exploit

Fix

Command Injection

OS Command Injection

Weakness Enumeration

Related Identifiers

CVE-2025-59831
GHSA-G38C-WXJF-XRH6

Affected Products

Git-Commiters