Find real vulnerabilities before they ship
Vulnerability Database › npm › CVE-2019-10802
giting version prior to 0.0.8 allows execution of arbritary commands. The first argument "repo" of function "pull()" is executed by the package without any validation.
Base Score