git-clone@0.0.4 vulnerabilities

Clone a git repository

Direct Vulnerabilities

Known vulnerabilities in the git-clone package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • H
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')

git-clone is a Clone a git repository

Affected versions of this package are vulnerable to Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') due to insecure usage of the --upload-pack feature of git.

Note: A note was added to the README file of the package to only use the args option with static/trusted input!

How to fix Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')?

There is no fixed version for git-clone.

*