Lucene search

CVE-2021-24033

🗓️ 09 Mar 2021 01:13:15Reported by facebookType

cve🔗 web.nvd.nist.gov👁 74 Views🌐 2 Media mentions

react-dev-utils v11.0.4 CVE-2021-24033: command injection vulnerabilit

Reporter	Title	Published	Views	Family All 11
Huntr	Command Injection in facebook/create-react-app	3 Mar 202100:00	–	huntr
Github Security Blog	react-dev-utils OS Command Injection in function `getProcessForPort`	11 Mar 202122:26	–	github
Veracode	OS Command Injection	10 Mar 202106:06	–	veracode
RedhatCVE	CVE-2021-24033	9 Mar 202109:03	–	redhatcve
Cvelist	CVE-2021-24033	9 Mar 202100:25	–	cvelist
NVD	CVE-2021-24033	9 Mar 202101:15	–	nvd
OSV	react-dev-utils OS Command Injection in function `getProcessForPort`	11 Mar 202122:26	–	osv
Prion	Command injection	9 Mar 202101:15	–	prion
IBM Security Bulletins	Security Bulletin: IBM QRadar Data Synchronization App for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities	24 Jul 202417:15	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Planning Analytics Workspace has addressed multiple vulnerabilities	27 Mar 202420:31	–	ibm

Nvd

Node

facebook react-dev-utilsRange<11.0.4

[
  {
    "product": "react-dev-utils",
    "vendor": "Facebook",
    "versions": [
      {
        "lessThan": "unspecified",
        "status": "unaffected",
        "version": "11.0.4 ",
        "versionType": "custom"
      },
      {
        "lessThan": "11.0.4",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
facebook	www.facebook.com/security/advisories/cve-2021-24033
github	www.github.com/facebook/create-react-app/pull/10644

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

09 Mar 2021 01:15Current

5.7Medium risk

Vulners AI Score5.7

CVSS26.8

CVSS35.6

EPSS0.007

CWE-78