Vulnerabilities > Planetargon
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-30 | CVE-2021-3725 | Code Injection vulnerability in Planetargon OH MY ZSH Vulnerability in dirhistory plugin Description: the widgets that go back and forward in the directory history, triggered by pressing Alt-Left and Alt-Right, use functions that unsafely execute eval on directory names. | 6.8 |
| 2021-11-30 | CVE-2021-3726 | OS Command Injection vulnerability in Planetargon OH MY ZSH # Vulnerability in `title` function **Description**: the `title` function defined in `lib/termsupport.zsh` uses `print` to set the terminal title to a user-supplied string. | 7.5 |
| 2021-11-30 | CVE-2021-3727 | OS Command Injection vulnerability in Planetargon OH MY ZSH 20211111 # Vulnerability in `rand-quote` and `hitokoto` plugins **Description**: the `rand-quote` and `hitokoto` fetch quotes from quotationspage.com and hitokoto.cn respectively, do some process on them and then use `print -P` to print them. | 7.5 |
| 2021-11-30 | CVE-2021-3769 | OS Command Injection vulnerability in Planetargon OH MY ZSH # Vulnerability in `pygmalion`, `pygmalion-virtualenv` and `refined` themes **Description**: these themes use `print -P` on user-supplied strings to print them to the terminal. | 10.0 |
| 2021-11-12 | CVE-2021-3934 | OS Command Injection vulnerability in Planetargon OH MY ZSH ohmyzsh is vulnerable to Improper Neutralization of Special Elements used in an OS Command | 5.1 |