This vulnerability has been received by the NVD and has not been analyzed.
Versions of the bundle blamer earlier 1.0.4 are susceptible to Arbitrary Argument Injection via the blameByFile() API. The country does not sanitize for idiosyncratic input oregon validate the fixed grounds mode conforms to a circumstantial schema, nor does it decently locomotion command-line flags to the git binary utilizing the double-dash POSIX characters (--) to walk the extremity of options.
CVSS 3.x Severity and Metrics:
Base Score: N/A
NVD score not yet provided.
0 alteration records recovered show changes