All versions of package gitlogplus are vulnerable to Command Injection via the main functionality, as options attributes are appended to the command to be executed without sanitization.
{
"github_reviewed_at": "2021-07-26T17:27:36Z",
"cwe_ids": [
"CWE-77"
],
"github_reviewed": true,
"nvd_published_at": "2021-07-23T16:15:00Z",
"severity": "CRITICAL"
}