Critical severityNVD Advisory· Published May 24, 2021· Updated Aug 3, 2024
CVE-2021-29300
CVE-2021-29300
Description
The @ronomon/opened library before 1.5.2 is vulnerable to a command injection vulnerability which would allow a remote attacker to execute commands on the system if the library was used with untrusted input.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
@ronomon/openednpm | < 1.5.2 | 1.5.2 |
Affected products
2- @ronomon/@ronomon/openeddescription
Patches
Vulnerability mechanics
References
4- github.com/advisories/GHSA-fg5w-w99f-rj6wghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2021-29300ghsaADVISORY
- advisory.checkmarx.net/advisory/CX-2021-4775ghsax_refsource_MISCWEB
- github.com/ronomon/opened/commit/7effe011d4fea8fac7f78c00615e0a6e69af68ecghsax_refsource_CONFIRMWEB
News mentions
0No linked articles in our index yet.