{"vulnerability": "CVE-2021-42057", "sightings": [{"uuid": "677ca507-0d33-4ebb-8342-0ad6c9c62430", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-42057", "type": "seen", "source": "https://t.me/cibsecurity/31860", "content": "\u203c CVE-2021-42057 \u203c\n\nObsidian Dataview through 0.4.12-hotfix1 allows eval injection. The evalInContext function in executes user input, which allows an attacker to craft malicious Markdown files that will execute arbitrary code once opened. NOTE: 0.4.13 provides a mitigation for some use cases.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-04T23:25:42.000000Z"}]}