Skip to main content

Oh My Zsh

5 CVEs product

Monthly

CVE-2021-3769 CRITICAL PATCH Act Now

Command Injection Oh My Zsh
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2021-3727 CRITICAL PATCH Act Now

Command Injection Oh My Zsh
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2021-3726 CRITICAL PATCH Act Now

Command Injection Oh My Zsh
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2021-3725 HIGH PATCH This Week

Vulnerability in dirhistory plugin Description: the widgets that go back and forward in the directory history, triggered by pressing Alt-Left and Alt-Right, use functions that unsafely execute eval. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection Oh My Zsh
NVD GitHub
CVSS 3.1
8.8
EPSS
1.1%
CVE-2021-3934 HIGH PATCH This Week

ohmyzsh is vulnerable to Improper Neutralization of Special Elements used in an OS Command. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection Oh My Zsh
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Command Injection Oh My Zsh
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Command Injection Oh My Zsh
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Command Injection Oh My Zsh
NVD GitHub
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Vulnerability in dirhistory plugin Description: the widgets that go back and forward in the directory history, triggered by pressing Alt-Left and Alt-Right, use functions that unsafely execute eval. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection Oh My Zsh
NVD GitHub
EPSS 1% CVSS 7.5
HIGH PATCH This Week

ohmyzsh is vulnerable to Improper Neutralization of Special Elements used in an OS Command. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection Oh My Zsh
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy