Snyk has a proof-of-concept or detailed explanation of how to exploit this vulnerability.
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsThere is no fixed version for last-commit-log
.
last-commit-log is a Node.js module to get the last git commit information - mostly to be used by CI/CD and building phase
Affected versions of this package are vulnerable to Command Injection via the GIT_DIR
env variable.