{"vulnerability": "CVE-2022-21165", "sightings": [{"uuid": "b41c3619-e458-4b0c-bcc4-60ed3645f596", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21165", "type": "seen", "source": "https://t.me/arpsyndicate/4749", "content": "#ExploitObserverAlert\n\nCVE-2022-21165\n\nDESCRIPTION: Exploit Observer has 7 entries in 2 file formats related to CVE-2022-21165. All versions of package font-converter are vulnerable to Arbitrary Command Injection due to missing sanitization of input that potentially flows into the child_process.exec() function.\n\nFIRST-EPSS: 0.005790000\nNVD-IS: 5.9\nNVD-ES: 3.9\nARPS-PRIORITY: 0.7197403", "creation_timestamp": "2024-04-23T17:38:18.000000Z"}, {"uuid": "d18064e9-ef37-4b45-bafd-36e813a89c0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2022-21165", "type": "published-proof-of-concept", "source": "https://github.com/advisories/GHSA-g2c3-vwff-m3xr", "content": "", "creation_timestamp": "2022-08-29T20:06:54.000000Z"}]}