Lookup for vulnerable packages by Package URL.

Purl pkg:npm/obsidian-dataview@0.4.9
Type npm
Namespace
Name obsidian-dataview
Version 0.4.9
Qualifiers
Subpath
Is_vulnerable true
Next_non_vulnerable_version 0.4.13
Latest_non_vulnerable_version 0.4.13
Affected_by_vulnerabilities
0
url VCID-vpkn-upqk-3kc8
vulnerability_id VCID-vpkn-upqk-3kc8
summary
Improper Control of Generation of Code ('Code Injection')
Obsidian Dataview allows eval injection. The evalInContext function in executes user input, which allows an attacker to craft malicious Markdown files that will execute arbitrary code once opened. NOTE: provides a mitigation for some use cases.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-42057
reference_id
reference_type
scores
0
value 0.00295
scoring_system epss
scoring_elements 0.5313
published_at 2026-06-09T12:55:00Z
1
value 0.00295
scoring_system epss
scoring_elements 0.53082
published_at 2026-06-04T12:55:00Z
2
value 0.00295
scoring_system epss
scoring_elements 0.53143
published_at 2026-06-05T12:55:00Z
3
value 0.00295
scoring_system epss
scoring_elements 0.53151
published_at 2026-06-06T12:55:00Z
4
value 0.00295
scoring_system epss
scoring_elements 0.53132
published_at 2026-06-07T12:55:00Z
5
value 0.00295
scoring_system epss
scoring_elements 0.53106
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-42057
1
reference_url https://github.com/blacksmithgu/obsidian-dataview
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/blacksmithgu/obsidian-dataview
2
reference_url https://github.com/blacksmithgu/obsidian-dataview/issues/615
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/blacksmithgu/obsidian-dataview/issues/615
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-42057
reference_id CVE-2021-42057
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-42057
4
reference_url https://github.com/advisories/GHSA-xfg5-vrmc-24wc
reference_id GHSA-xfg5-vrmc-24wc
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xfg5-vrmc-24wc
fixed_packages
0
url pkg:npm/obsidian-dataview@0.4.12-hotfix1
purl pkg:npm/obsidian-dataview@0.4.12-hotfix1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-vpkn-upqk-3kc8
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/obsidian-dataview@0.4.12-hotfix1
1
url pkg:npm/obsidian-dataview@0.4.13
purl pkg:npm/obsidian-dataview@0.4.13
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/obsidian-dataview@0.4.13
aliases CVE-2021-42057, GHSA-xfg5-vrmc-24wc
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vpkn-upqk-3kc8
Fixing_vulnerabilities
Risk_score 4.0
Resource_url http://public2.vulnerablecode.io/packages/pkg:npm/obsidian-dataview@0.4.9