Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2021-4306
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
cronvel terminal-kit redos
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability classified as problematic has been found in cronvel terminal-kit up to 2.1.7. Affected is an unknown function. The manipulation leads to inefficient regular expression complexity. Upgrading to version 2.1.8 is able to address this issue. The name of the patch is a2e446cc3927b559d0281683feb9b821e83b758c. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-217620.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Source: NVD (National Vulnerability Database)
Vulnerability Type
CWE-1333
Source: NVD (National Vulnerability Database)
Vulnerability Title
Terminal Kit 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Terminal Kit是适用于Node.js的命令行工具。 Terminal Kit 2.1.8之前版本存在安全漏洞,该漏洞源于一个未知的功能,操作导致低效的正则表达式复杂性。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
VendorProductAffected VersionsCPESubscribe
cronvelterminal-kit 2.1.0 -
II. Public POCs for CVE-2021-4306
#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC
III. Intelligence Information for CVE-2021-4306
Please Login to view more intelligence information
IV. Related Vulnerabilities
Same vendor: cronvel
Same weakness: CWE-1333
V. Comments for CVE-2021-4306

No comments yet

Leave a comment