CVE-2019-10807: OS Command Injection

March 11, 2020 (updated March 16, 2020)

Blamer versions allows execution of arbitrary commands. It is possible to inject arbitrary commands as part of the arguments provided to blamer.

References

nvd.nist.gov/vuln/detail/CVE-2019-10807

Detect and mitigate CVE-2019-10807 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →