@christianhugo/cli (>=0.7.2-beta.6 <=0.7.3-beta.15), @christianhugo/mobile-builder (>=0.7.2-beta.6 <=0.7.4-beta.9) +72 more potentially affected by CVE-2021-23445 via datatables.net (>=1.10.12 <=1.10.25)

datatables.net NPM version =1.10.12, =0.7.2-beta.6, =0.7.2-beta.6, =0.7.2-beta.6, =0.7.2-beta.6, =0.6.4-beta.10, =0.7.2-beta.7, =0.6.4-beta.10, =0.6.4-beta.10, =1.0.0, =1.0.0, =3.0.0, =3.0.11 and more Source cves: CVE-2021-23445 Source advisory: OSV:GHSA-H73Q-5WMJ-Q8PJ...

AZL-66567 CVE-2021-23445 affecting package reaper 3.1.1-22

This affects the package datatables.net before 1.11.3. If an array is passed to the HTML escape entities function it would not have its contents escaped...

@coreui/coreui-datatables (=1.0.0), @daai/sb-decloud (>=1.0.0 <=1.0.11) +38 more potentially affected by CVE-2020-28458 via datatables.net (>=1.10.12 <=1.10.22)

datatables.net NPM version =1.10.12, =1.0.0, =1.0.0, =3.0.0, =1.1.1, =0.0.1, =1.0.2, =1.0.0, =1.0.0, =0.0.0, =0.1.56, =0.2.151 and more Source cves: CVE-2020-28458 Source advisory: SNYK:JS-DATATABLESNET-1016402...