All versions of the package git-shallow-clone are vulnerable to Argument injection due to missing sanitization or mitigation flags in the process variable of the gitShallowClone function.

Affected Packages

npm git-shallow-clone

Affected versions: 0 (last affected: 0.0.2)

Related CVEs

CVE-2024-21531

Key Information

GHSA ID

GHSA-qwrq-vxvw-537r

Published

October 1, 2024 6:30 AM

Last Modified

November 7, 2024 6:36 PM

CVSS Score

5.0 /10

Primary Ecosystem

npm

Primary Package

git-shallow-clone

GitHub Reviewed

✓ Yes

Dataset

Last updated: June 15, 2025 6:24 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.