Lucene search
+L

6 matches found

Circl
Circl
added 2025/03/31 9:2 p.m.13 views

CVE-2021-21353

creationtimestamp| type| source ---|---|--- 2025-03-31 21:02:06+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3llpaxs4utj2p 2025-04-16 22:57:50+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/12168...

9CVSS8.3AI score0.04269EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2021/05/19 5:6 p.m.24 views

Security Bulletin: A security vulnerability in Node.js pug and pug-code-gen module affects IBM Cloud Pak for Multicloud Management Managed Service.

Summary A security vulnerability in Node.js pug and pug-code-gen module affects IBM Cloud Pak for Multicloud Management Managed Service. Vulnerability Details CVEID: CVE-2021-21353 DESCRIPTION: Node.js pug and pug-code-gen could allow a remote attacker to execute arbitrary code on the system,...

9CVSS2.4AI score0.04269EPSS
Exploits1Affected Software1
NVD
NVD
added 2021/03/03 2:15 a.m.8 views

CVE-2021-21353

Pug is an npm package which is a high-performance template engine. In pug before version 3.0.1, if a remote attacker was able to control the pretty option of the pug compiler, e.g. if you spread a user provided object such as the query parameters of a request into the pug template inputs, it was...

9CVSS0.04269EPSS
Exploits1References7
vulnersOsv
vulnersOsv
added 2021/03/03 2:3 a.m.6 views

1-of (>=1.0.0 <=1.0.1), 20ful (>=0.1.0 <=0.2.7) +3498 more potentially affected by CVE-2021-21353 via pug (>=0.1.0 <=3.0.0)

pug NPM version =0.1.0, =1.0.0, =0.1.0, =0.7.41, =0.1.0-beta.1, =0.1.3, =1.0.0, =0.0.1, =0.2.0, =1.0.0, =1.0.0, =1.0.0, =0.1.2, =1.0.0, =1.0.7 and more Source cves: CVE-2021-21353 Source advisory: OSV:GHSA-P493-635Q-R6GR...

9CVSS7.2AI score0.04269EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2021/03/03 2:3 a.m.4 views

pug (=3.0.1-canary-5) potentially affected by CVE-2021-21353 via pug-code-gen (=3.0.2-canary-5)

pug-code-gen NPM version =3.0.2-canary-5 is affected by a known vulnerability. The following packages have a transitive dependency on pug-code-gen and may be impacted: - pug =3.0.1-canary-5 Source cves: CVE-2021-21353 Source advisory: OSV:GHSA-P493-635Q-R6GR...

9CVSS7.2AI score0.04269EPSS
Exploits1
CVE
CVE
added 2021/03/03 1:50 a.m.155 views

CVE-2021-21353

CVE-2021-21353 affects the Pug template engine before v3.0.1. If an attacker controls the pretty option via untrusted input (e.g., query params passed into template inputs), remote code execution on the Node.js backend was possible. The issue is fixed in v3.0.1; pug-code-gen has a backport fix in...

9CVSS8.1AI score0.04269EPSS
Exploits1References7Affected Software2
Rows per page
Query Builder