fsa through 0.5.1 is vulnerable to Command Injection. The first argument of 'execGitCommand()', located within 'lib/rep.js#63' can be controlled by users without any sanitization to inject arbitrary commands.
{
"github_reviewed_at": "2021-05-25T16:28:38Z",
"nvd_published_at": "2020-04-07T14:15:00Z",
"github_reviewed": true,
"cwe_ids": [
"CWE-78"
],
"severity": "MODERATE"
}