9 matches found
EUVD-2021-27007
Malware in sbrugna...
CVE-2021-3727
Vulnerability in rand-quote and hitokoto plugins Description: the rand-quote and hitokoto fetch quotes from quotationspage.com and hitokoto.cn respectively, do some process on them and then use print -P to print them. If these quotes contained the proper symbols, they could trigger command...
elf-rss (>=2.5.0 <=2.5.4), gocqapi (>=0.1.3 <=0.1.4) +59 more potentially affected by CVE-2024-21624 via nonebot2 (>=2.0.0a16 <=2.1.3)
nonebot2 PYPI version =2.0.0a16, =2.5.0, =0.1.3, =1.2.0a0, =0.1.0, =0.1.0, =0.1.0, =0.3.4, =0.5.2, =2.0.0, =2.1.0 and more Source cves: CVE-2024-21624 Source advisory: OSV:GHSA-59J8-776V-XXXG...
CVE-2021-3727
Vulnerability in rand-quote and hitokoto plugins Description: the rand-quote and hitokoto fetch quotes from quotationspage.com and hitokoto.cn respectively, do some process on them and then use print -P to print them. If these quotes contained the proper symbols, they could trigger command...
CVE-2021-3727
Vulnerability in rand-quote and hitokoto plugins Description: the rand-quote and hitokoto fetch quotes from quotationspage.com and hitokoto.cn respectively, do some process on them and then use print -P to print them. If these quotes contained the proper symbols, they could trigger command...
Command injection
Vulnerability in rand-quote and hitokoto plugins Description: the rand-quote and hitokoto fetch quotes from quotationspage.com and hitokoto.cn respectively, do some process on them and then use print -P to print them. If these quotes contained the proper symbols, they could trigger command...
CVE-2021-3727
CVE-2021-3727 concerns the ohmyzsh rand-quote and hitokoto plugins. The description states that quotes fetched from external APIs (quotationspage.com and hitokoto.cn) could, if containing certain symbols, trigger a command injection when processed and printed via print -P. The root cause is not d...
CVE-2021-3727 OS Command Injection in ohmyzsh/ohmyzsh
Vulnerability in rand-quote and hitokoto plugins Description: the rand-quote and hitokoto fetch quotes from quotationspage.com and hitokoto.cn respectively, do some process on them and then use print -P to print them. If these quotes contained the proper symbols, they could trigger command...
ohmyzsh 操作系统命令注入漏洞
ohmyzsh is an open source, community-driven framework for managing your zsh configuration. ohmyzsh suffers from an operating system command injection vulnerability that can be exploited by an attacker to trigger command injection via the rand-quote and hitokoto plugins...