CVE-2021-3769

Summary

Vulnerability in pygmalion, pygmalion-virtualenv and refined themes Description: these themes use print -P on user-supplied strings to print them to the terminal. All of them do that on git information, particularly the branch name, so if the branch has a specially-crafted name the vulnerability can be exploited. Fixed in: b3ba9978. Impacted areas: - pygmalion theme. - pygmalion-virtualenv theme. - refined theme.

Affected Software

VendorProductVersion RangeStatus
ohmyzshohmyzsh/ohmyzshunspecified < b3ba9978affected

Weaknesses

  • CWE-78: CWE-78 OS Command Injection

ADP Enrichment

CVE Program Container

Additional References

References