3 matches found
CVE-2021-3934
ohmyzsh is vulnerable to Improper Neutralization of Special Elements used in an OS Command...
CVE-2021-3934 OS Command Injection in ohmyzsh/ohmyzsh
ohmyzsh is vulnerable to Improper Neutralization of Special Elements used in an OS Command...
CVE-2021-3934
CVE-2021-3934 affects Oh My Zsh (ohmyzsh). The vulnerability stems from omz_urldecode using eval on unsanitized user input within the svn plugin, enabling command injection. Some sources describe a feasible attack path that could yield remote code execution depending on themes/plugins in use. Pub...