Lucene search
K

11 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2023-2142

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Nunjucks versions prior to version 3.2.4, it was possible to bypass the restrictions which are provided by the autoescape functionality. If there are two...

6.1CVSS5.6AI score0.00354EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/06/25 12:0 a.m.3 views

Fedora 42 : workrave (2025-85867bd98f)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-85867bd98f advisory. Unretireing the package. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

6.1CVSS5.8AI score0.00354EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/04/17 12:0 a.m.13 views

Fedora 40 : workrave (2025-2d5726abb8)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-2d5726abb8 advisory. Unretireing the package. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

6.1CVSS5.8AI score0.00354EPSS
Exploits0References2
NVD
NVD
added 2024/11/26 12:15 p.m.18 views

CVE-2023-2142

In Nunjucks versions prior to version 3.2.4, it was possible to bypass the restrictions which are provided by the autoescape functionality. If there are two user-controlled parameters on the same line used in the views, it was possible to inject cross site scripting payloads using the backslash ...

6.1CVSS0.00354EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2024/11/26 12:15 p.m.19 views

CVE-2023-2142

In Nunjucks versions prior to version 3.2.4, it was possible to bypass the restrictions which are provided by the autoescape functionality. If there are two user-controlled parameters on the same line used in the views, it was possible to inject cross site scripting payloads using the backslash ...

6.1CVSS5.7AI score0.00354EPSS
Exploits0References2
Circl
Circl
added 2024/11/26 11:31 a.m.8 views

CVE-2023-2142

creationtimestamp| type| source ---|---|--- 2024-11-26 11:31:06+00:00| seen| https://infosec.exchange/users/cve/statuses/113549027953253099...

6.1CVSS6.8AI score0.00354EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2024/11/26 11:24 a.m.18 views

CVE-2023-2142

In Nunjucks versions prior to version 3.2.4, it was possible to bypass the restrictions which are provided by the autoescape functionality. If there are two user-controlled parameters on the same line used in the views, it was possible to inject cross site scripting payloads using the backslash ...

6.1CVSS5.3AI score0.00354EPSS
Exploits0
OSV
OSV
added 2024/11/26 11:24 a.m.9 views

CVE-2023-2142 Nunjucks autoescape bypass leads to cross site scripting

In Nunjucks versions prior to version 3.2.4, it was possible to bypass the restrictions which are provided by the autoescape functionality. If there are two user-controlled parameters on the same line used in the views, it was possible to inject cross site scripting payloads using the backslash ...

6.1CVSS5.7AI score0.00354EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/11/26 11:24 a.m.15 views

CVE-2023-2142 Nunjucks autoescape bypass leads to cross site scripting

In Nunjucks versions prior to version 3.2.4, it was possible to bypass the restrictions which are provided by the autoescape functionality. If there are two user-controlled parameters on the same line used in the views, it was possible to inject cross site scripting payloads using the backslash ...

6.4AI score0.00354EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/11/26 11:24 a.m.22 views

CVE-2023-2142 Nunjucks autoescape bypass leads to cross site scripting

In Nunjucks versions prior to version 3.2.4, it was possible to bypass the restrictions which are provided by the autoescape functionality. If there are two user-controlled parameters on the same line used in the views, it was possible to inject cross site scripting payloads using the backslash ...

0.00354EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2023/04/20 9:19 p.m.10 views

3loc (>=0.1.0 <=0.4.0), @accordproject/cicero-cli (>=0.3.4 <=0.20.11-20200413151148) +983 more potentially affected by CVE-2023-2142 via nunjucks (>=0.1.10 <=3.2.3)

nunjucks NPM version =0.1.10, =0.1.0, =0.3.4, =0.3.12-20180525105709, =0.3.4, =0.3.4, =0.11.2-20190326183124, =0.0.5, =0.1.0, =1.1.0-301, =1.3.2, =2.0.0, =0.0.5, =1.2.0, =1.4.0 - @asephermann/capacitor-filechooser =0.0.1 and more Source cves: CVE-2023-2142 Source advisory: OSV:GHSA-X77J-W7WF-FJMW...

6.1CVSS6.1AI score0.00354EPSS
Exploits0
Rows per page
Query Builder