CVE-2017-1000228
CVE-2017-1000228 affects nodejs ejs: any versions older than 2.5.3 are vulnerable to remote code execution due to weak input validation in ejs.renderFile(). Explanation: this is a concrete vulnerability with multiple coordinated disclosures (NVD entry and corroborating reports in GHSA, Debian, CN...