An issue in parse-git-config v.3.0.0 allows an attacker to obtain sensitive information via the expandKeys function
CVSS Metrics
