Description
Code injection vulnerability in blamer 1.0.0 and earlier may result in remote code execution when the input can be controlled by an attacker.
Remediation
References
https://hackerone.com/reports/772448
Related Vulnerabilities
CVE-2020-14966 Vulnerability in npm package jsrsasign
CVE-2022-25860 Vulnerability in maven package org.webjars.npm:simple-git
CVE-2022-26260 Vulnerability in npm package simple-plist
CVE-2023-33201 Vulnerability in maven package org.bouncycastle:bcprov-jdk15on
CVE-2019-14653 Vulnerability in maven package org.webjars.bower:editor.md