cvedb.io
CVE-2021-4281
MEDIUM · CVSS 4.6
EPSS exploitation probability: 0%
Published 2022-12-26T20:15:10.580 · Last modified 2026-06-17T04:19:24.977

Summary

A vulnerability was found in Brave UX for-the-badge and classified as critical. Affected by this issue is some unknown functionality of the file .github/workflows/combine-prs.yml. The manipulation leads to os command injection. The name of the patch is 55b5a234c0fab935df5fb08365bc8fe9c37cf46b. It is recommended to apply a patch to fix this issue. VDB-216842 is the identifier assigned to this vulnerability.

Affected products

forthebadge — for_the_badge

Does this affect you?

Add your gear to cvedb and we'll alert you only when forthebadge ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.