CVE-2021-4326

Published March 1st, 2023

View on NVD ↗

CVSS v3

3.3

LOW

CVSS v2

N/A

Affected

PROJECT

Description

A vulnerability in Imperative framework which allows already-privileged local actors to execute arbitrary shell commands via plugin install/update commands, or maliciously formed environment variables. Impacts Zowe CLI.

zowe/imperative

Imperative CLI Framework

GitHub