3 matches found
CVE-2023-26143
CVE-2023-26143 affects the blamer package prior to version 1.0.4. The root cause is an Arbitrary Argument Injection via the blameByFile() API due to insufficient input sanitization and invalid file-path handling, coupled with improper passing of git flags ( -- ) to terminate options. Public analy...
CVE-2020-8137
CVE-2020-8137 affects the blamer tool (versions 1.0.0 and earlier). The vulnerability is a code injection flaw caused by improper handling/filtration of externally supplied input during code segment construction (as described across multiple sources, including NVD, Red Hat, GHSA, OSV, CNVD, Verac...
CVE-2019-10807
Blamer (software) is affected by an OS command injection vulnerability. In versions prior to 1.0.1, user-provided arguments to Blamer can be exploited to execute arbitrary commands on the system. The root cause is improper handling of input that enables injection via the command execution path. I...