scripts/cli.js in the GoDaddy node-config-shield (aka Config Shield) package before 0.2.2 for Node.js calls eval when processing a set command. NOTE: the vendor reportedly states that this is not a vulnerability. The set command was not intended for use with untrusted data
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2021-01-27T19:36:02
Updated: 2024-08-03T20:19:20.387Z
Reserved: 2021-01-27T00:00:00
Link: CVE-2021-26276
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-01-27T20:15:13.863
Modified: 2024-08-03T21:15:23.397
Link: CVE-2021-26276
Redhat
No data.