CVE-2021-41116 - log back

CVE-2021-41116 edited at 05 Oct 2021 20:15:39
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Remote
Type
- Unknown
+ Arbitrary command execution
Description
+ Windows users running Composer before version 2.1.9 to install untrusted dependencies are subject to command injection and should upgrade their composer version. Other OSs and WSL are not affected.
References
+ https://github.com/composer/composer/security/advisories/GHSA-frqg-7g38-6gcf
+ https://github.com/composer/composer/commit/ca5e2f8d505fd3bfac6f7c85b82f2740becbc0aa
Notes
CVE-2021-41116 created at 05 Oct 2021 20:12:48