CNNVD-202509-3987 Information

CNNVD ID

CNNVD-202509-3987

Related CVE

CVE-2025-59831

• CNNVD Published: 2025-09-25

Description (Chinese)

git-commiters.js是Riceball LEE个人开发者的一个js库。 git-commiters.js 0.1.2之前版本存在安全漏洞，该漏洞源于未清理用户输入且未安全执行进程API，可能导致命令注入攻击。

Description (English)

This is a js library of Riceball LEE personal developers. There was a security loophole in the pre-get-committees.js 0.1.2 version, which originated from an uncleaned user input and failed to secure the API process, which could result in an order being injected into the attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

LitexMedia

Published

2025-09-25

Last Modified

2026-02-24

References

https://github.com/snowyu/git-commiters.js/commit/7f0abfedbf506e3a61ac875d91324a8dbe756e84 https://github.com/snowyu/git-commiters.js/security/advisories/GHSA-g38c-wxjf-xrh6

Patch

https://github.com/snowyu/git-commiters.js