{"id":"CVE-2021-3934","details":"ohmyzsh is vulnerable to Improper Neutralization of Special Elements used in an OS Command","modified":"2026-03-14T11:07:12.849153Z","published":"2021-11-12T12:15:07.460Z","references":[{"type":"REPORT","url":"https://huntr.dev/bounties/ad2b5c3f-a3ce-4407-94dc-354c723310ce"},{"type":"FIX","url":"https://github.com/ohmyzsh/ohmyzsh/commit/6cb41b70a6d04301fd50cd5862ecd705ba226c0e"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/ohmyzsh/ohmyzsh","events":[{"introduced":"0"},{"fixed":"6cb41b70a6d04301fd50cd5862ecd705ba226c0e"}]},{"type":"GIT","repo":"https://github.com/ohmyzsh/ohmyzsh","events":[{"introduced":"0"},{"fixed":"6cb41b70a6d04301fd50cd5862ecd705ba226c0e"}]}],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"2021-11-11"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-3934.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}