Lucene search

CVE-2021-4329

🗓️ 05 Mar 2023 19:10:15Reported by VulDBType

Vulnerability in json-logic-js 2.0.0 allows command injection via logic.js, upgrade to 2.0.1 recommended

Reporter	Title	Published	Views	Family All 9
Prion	Command injection	5 Mar 202319:15	–	prion
OSV	CVE-2021-4329	5 Mar 202319:15	–	osv
OSV	json-logic-js Command Injection vulnerability	5 Mar 202321:30	–	osv
OSV	PYSEC-2023-209	5 Mar 202319:15	–	osv
NVD	CVE-2021-4329	5 Mar 202319:15	–	nvd
Vulnrichment	CVE-2021-4329 json-logic-js logic.js command injection	5 Mar 202319:00	–	vulnrichment
Veracode	Arbitrary Code Execution	8 Mar 202312:59	–	veracode
Cvelist	CVE-2021-4329 json-logic-js logic.js command injection	5 Mar 202319:00	–	cvelist
Github Security Blog	json-logic-js Command Injection vulnerability	5 Mar 202321:30	–	github

Nvd

Vulners

Node

json-logic-js_project json-logic-jsMatch2.0.0

[
  {
    "vendor": "n/a",
    "product": "json-logic-js",
    "versions": [
      {
        "version": "2.0.0",
        "status": "affected"
      }
    ]
  }
]

Source	Link
github	www.github.com/jwadhams/json-logic-js/commit/c1dd82f5b15d8a553bb7a0cfa841ab8a11a9c227
github	www.github.com/jwadhams/json-logic-js/pull/98
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

05 Mar 2023 19:15Current

7.9High risk

Vulners AI Score7.9

CVSS25.2

CVSS35.5 - 9.8

EPSS0.00737

SSVC

CWE-77