CVE-2021-3013

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2021-3013
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-3013.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-3013
Aliases
Downstream
Related
Published
2021-06-11T12:15:12.163Z
Modified
2025-11-20T11:43:08.528006Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

ripgrep before 13 on Windows allows attackers to trigger execution of arbitrary programs from the current working directory via the -z/--search-zip or --pre flag.

References

Affected packages

Git / github.com/burntsushi/ripgrep

Affected ranges

Type
GIT
Repo
https://github.com/burntsushi/ripgrep
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
af6b6c543b224d348a8876f0c06245d9ea7929c5

Affected versions

0.*

0.0.1
0.0.10
0.0.11
0.0.12
0.0.13
0.0.14
0.0.15
0.0.16
0.0.17
0.0.18
0.0.19
0.0.2
0.0.3
0.0.4
0.0.5
0.0.6
0.0.7
0.0.8
0.0.9
0.1.0
0.1.1
0.1.10
0.1.11
0.1.12
0.1.13
0.1.14
0.1.15
0.1.16
0.1.17
0.1.2
0.1.3
0.1.4
0.1.5
0.1.6
0.1.7
0.1.8
0.1.9
0.10.0
0.2.0
0.2.1
0.2.2
0.2.3
0.2.4
0.2.5
0.2.6
0.2.7
0.2.8
0.2.9
0.3.0
0.3.1
0.3.2
0.4.0
0.5.0
0.5.1
0.5.2
0.6.0
0.7.0
0.7.1
0.8.0
0.8.1
0.9.0

11.*

11.0.0
11.0.1
11.0.2

12.*

12.0.0
12.0.1
12.1.0
12.1.1

globset-0.*

globset-0.1.0
globset-0.1.1
globset-0.1.2
globset-0.1.4
globset-0.2.1
globset-0.3.0
globset-0.4.0
globset-0.4.1
globset-0.4.2
globset-0.4.3
globset-0.4.4
globset-0.4.5
globset-0.4.6
globset-0.4.7

grep-0.*

grep-0.1.4
grep-0.1.6
grep-0.1.7
grep-0.1.8
grep-0.1.9
grep-0.2.0
grep-0.2.1
grep-0.2.2
grep-0.2.3
grep-0.2.4
grep-0.2.5
grep-0.2.6
grep-0.2.7
grep-0.2.8

grep-cli-0.*

grep-cli-0.1.0
grep-cli-0.1.1
grep-cli-0.1.2
grep-cli-0.1.3
grep-cli-0.1.4
grep-cli-0.1.5
grep-cli-0.1.6

grep-matcher-0.*

grep-matcher-0.1.0
grep-matcher-0.1.1
grep-matcher-0.1.2
grep-matcher-0.1.3
grep-matcher-0.1.4
grep-matcher-0.1.5

grep-pcre2-0.*

grep-pcre2-0.1.0
grep-pcre2-0.1.1
grep-pcre2-0.1.2
grep-pcre2-0.1.3
grep-pcre2-0.1.4
grep-pcre2-0.1.5

grep-printer-0.*

grep-printer-0.1.0
grep-printer-0.1.1
grep-printer-0.1.2
grep-printer-0.1.3
grep-printer-0.1.4
grep-printer-0.1.5
grep-printer-0.1.6

grep-regex-0.*

grep-regex-0.1.0
grep-regex-0.1.1
grep-regex-0.1.2
grep-regex-0.1.3
grep-regex-0.1.4
grep-regex-0.1.5
grep-regex-0.1.6
grep-regex-0.1.7
grep-regex-0.1.8
grep-regex-0.1.9

grep-search-0.*

grep-search-0.1.0

grep-searcher-0.*

grep-searcher-0.1.1
grep-searcher-0.1.2
grep-searcher-0.1.3
grep-searcher-0.1.4
grep-searcher-0.1.5
grep-searcher-0.1.6
grep-searcher-0.1.7
grep-searcher-0.1.8

ignore-0.*

ignore-0.1.0
ignore-0.1.1
ignore-0.1.3
ignore-0.1.4
ignore-0.1.5
ignore-0.1.6
ignore-0.1.8
ignore-0.1.9
ignore-0.2.1
ignore-0.2.2
ignore-0.3.0
ignore-0.4.0
ignore-0.4.1
ignore-0.4.10
ignore-0.4.11
ignore-0.4.12
ignore-0.4.13
ignore-0.4.14
ignore-0.4.15
ignore-0.4.16
ignore-0.4.17
ignore-0.4.18
ignore-0.4.2
ignore-0.4.3
ignore-0.4.4
ignore-0.4.5
ignore-0.4.6
ignore-0.4.7
ignore-0.4.8
ignore-0.4.9

termcolor-0.*

termcolor-0.1.0
termcolor-0.1.1
termcolor-0.3.0
termcolor-0.3.1
termcolor-0.3.2
termcolor-0.3.3
termcolor-0.3.4
termcolor-0.3.5
termcolor-0.3.6

wincolor-0.*

wincolor-0.1.0
wincolor-0.1.2
wincolor-0.1.3
wincolor-0.1.4
wincolor-0.1.5
wincolor-0.1.6

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-3013.json"