Description
Code injection vulnerability in blamer 1.0.0 and earlier may result in remote code execution when the input can be controlled by an attacker.
Remediation
References
https://hackerone.com/reports/772448
Related Vulnerabilities
CVE-2022-2564 Vulnerability in npm package mongoose
CVE-2020-7642 Vulnerability in maven package org.webjars.bower:lazysizes
CVE-2022-31151 Vulnerability in maven package org.webjars.npm:undici
CVE-2023-32313 Vulnerability in maven package org.webjars.npm:vm2
CVE-2022-31044 Vulnerability in maven package org.rundeck:rundeck