CVE Daily

CVE-2021-22567

Bidirectional Unicode text can be interpreted and compiled differently than how ...

Medium CVSS 4.6

Overview

Bidirectional Unicode text can be interpreted and compiled differently than how it appears in editors which can be exploited to get nefarious code passed a code review by appearing benign. An attacker could embed a source that is invisible to a code reviewer that modifies the behavior of a program in unexpected ways.

CWE: CWE-284 Published: 2022-01-05T11:15:08.120
Risk analysis

This vulnerability is rated 🟡 MEDIUM.

  • CVSS: 4.6 (MEDIUM)
  • Detected tags: none (tag impact: LOW)

Recommended actions:

  • Prioritize remediation based on business criticality and exposure.
  • Limit exposure and increase monitoring until fixed.

Recommended tools

Tags