CVE-2021-42694

🗓️ 01 Nov 2021 00:00:00Reported by mitreType

cve🔗 web.nvd.nist.gov📰️ 3 Media mentions👁 177 Views

An issue in Unicode Specification allows adversaries to inject code via homoglyph characters in source code identifiers

Reporter	Title	Published	Views	Family All 25
IBM Security Bulletins	Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities found in Java, Node.js and IBM WebSphere Application Server Liberty	13 Mar 202503:39	–	ibm
BDU FSTEC	The vulnerability of the character determination function in the implementation of the Unicode standard, related to errors in code generation using homoglyphs, allows a violator to execute arbitrary code.	10 Nov 202100:00	–	bdu_fstec
Circl	CVE-2021-42694	2 Nov 202115:50	–	circl
CNNVD	Unicode 安全漏洞	1 Nov 202100:00	–	cnnvd
Cvelist	CVE-2021-42694	1 Nov 202100:00	–	cvelist
Tenable Nessus	GLSA-202210-09 : Rust: Multiple Vulnerabilities	16 Oct 202200:00	–	nessus
Tenable Nessus	RHEL 7 : developer_environment (Unpatched Vulnerability)	11 May 202400:00	–	nessus
Tenable Nessus	RHEL 8 : developer_environment (Unpatched Vulnerability)	11 May 202400:00	–	nessus
Tenable Nessus	RHEL 7 : gcc (Unpatched Vulnerability)	3 Jun 202400:00	–	nessus
Tenable Nessus	RHEL 8 : gcc (Unpatched Vulnerability)	3 Jun 202400:00	–	nessus

NVD

Vulnrichment

Node

Source	Link
unicode	www.unicode.org/reports/tr36/
openwall	www.openwall.com/lists/oss-security/2021/11/01/1
openwall	www.openwall.com/lists/oss-security/2021/11/01/6
unicode	www.unicode.org/versions/Unicode14.0.0/
unicode	www.unicode.org/reports/tr39/
trojansource	www.trojansource.codes/
cwe	www.cwe.mitre.org/data/definitions/1007.html
kb	www.kb.cert.org/vuls/id/999008
scyon	www.scyon.nl/post/trojans-in-your-source-code
security	www.security.gentoo.org/glsa/202210-09

21 Nov 2024 06:27Current

8High risk

Vulners AI Score8

CVSS 25.1

CVSS 3.18.3

EPSS0.04485

SSVC