[gitsome] OS Command Injection in gitsome

OS Command Injection vulnerability in bbultman gitsome through 0.2.3 allows attackers to execute arbitrary commands via a crafted tag name of the target git repository.

References

• https://nvd.nist.gov/vuln/detail/CVE-2021-34081
• https://advisory.checkmarx.net/advisory/CX-2021-4780
• https://www.npmjs.com/package/gitsome
• https://github.com/advisories/GHSA-9v73-x562-wv5x