Severity: Critical
CVSS Score: 9.8
The gitlog function in src/index.ts in gitlog before 4.0.4 has a command injection vulnerability.