Lucene search

GoogleOSV:GHSA-6F9P-G466-F8V8

HistorySep 19, 2023 - 6:30 a.m.

blamer vulnerable to Arbitrary Argument Injection via the blameByFile() API

2023-09-1906:30:17

Google

osv.dev

vulnerable

arbitrary argument injection

blamebyfile() api

blamer

software

package

version

sanitize

user input

validate

file path

schema

command-line flags

git binary

9.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

0.001 Low

EPSS

Percentile

20.3%

JSON

Versions of the package blamer before 1.0.4 are vulnerable to Arbitrary Argument Injection via the blameByFile() API. The library does not sanitize for user input or validate the given file path conforms to a specific schema, nor does it properly pass command-line flags to the git binary using the double-dash POSIX characters (–) to communicate the end of options.

CPENameOperatorVersion
blamerlt1.0.4

CPE	Name	Operator	Version
	blamer	lt	1.0.4

References

gist.github.com/lirantal/14c3686370a86461f555d3f0703e02f9

github.com/kucherenko/blamer

github.com/kucherenko/blamer/commit/0965877f115753371a2570f10a63c455d2b2cde3

nvd.nist.gov/vuln/detail/CVE-2023-26143

security.snyk.io/vuln/SNYK-JS-BLAMER-5731318

9.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

0.001 Low

EPSS

Percentile

20.3%

JSON

Related for OSV:GHSA-6F9P-G466-F8V8