6 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-29827
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ejs v3.1.9 is vulnerable to server-side template injection. If the ejs file is controllable, template injection can be implemented through the configuration...
ejs Security Vulnerability
Github ejs are embedded JavaScript templates. A security vulnerability exists in ejs Embedded JavaScript templates versions prior to 3.1.10, which stems from the lack of some pollution protection...
DEBIAN-CVE-2023-29827
ejs v3.1.9 is vulnerable to server-side template injection. If the ejs file is controllable, template injection can be implemented through the configuration settings of the closeDelimiter parameter. NOTE: this is disputed by the vendor because the render function is not intended to be used with...
UBUNTU-CVE-2023-29827
DISPUTED ejs v3.1.9 is vulnerable to server-side template injection. If the ejs file is controllable, template injection can be implemented through the configuration settings of the closeDelimiter parameter. NOTE: this is disputed by the vendor because the render function is not intended to be us...
PT-2023-22433
Name of the Vulnerable Software and Affected Versions: ejs version 3.1.9. Description: The issue concerns server-side template injection. If the ejs file is controllable, template injection can be implemented through the configuration settings of the closeDelimiter parameter. It is noted that the...
Github ejs Code Injection Vulnerability
Github ejs is an embedded JavaScript template. A code injection vulnerability exists in ejs version 3.1.6, which stems from server-side template injection being possible in settings[view options][outputFunctionName]. This is parsed as an internal option and the outputFunctionName option is overridden...