Vendor
OWASP BLT versions before 2.1.1 are vulnerable to remote code execution via a malicious pull request that injects code into the CI environment through the 'regenerate-migrations' workflow.