CVE-2021-36376

CVE-2021-36376

EPSS 0.4%

dandavison delta before 0.8.3 on Windows resolves an executable's pathname as a relative path from the current directory.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/dandavison/delta/commit/f01846bd443aaf92fdd5ac20f461beac3f6ee3fd https://github.com/dandavison/delta/releases/tag/0.8.3 https://vuln.ryotak.me/advisories/54