CVE-2021-3769
7.5
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
Vulnerability in pygmalion, pygmalion-virtualenv and refined themes Description: these themes use print -P on user-supplied strings to print them to the terminal. All of them do that on git information, particularly the branch name, so if the branch has a specially-crafted name the vulnerability can be exploited. Fixed in: b3ba9978. Impacted areas: - pygmalion theme. - pygmalion-virtualenv theme. - refined theme.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| ohmyzsh | ohmyzsh/ohmyzsh | unspecified < b3ba9978 | affected |
Weaknesses
- CWE-78: CWE-78 OS Command Injection
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.