3 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-29827
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ejs v3.1.9 is vulnerable to server-side template injection. If the ejs file is controllable, template injection can be implemented through the configuration...
UBUNTU-CVE-2023-29827
DISPUTED ejs v3.1.9 is vulnerable to server-side template injection. If the ejs file is controllable, template injection can be implemented through the configuration settings of the closeDelimiter parameter. NOTE: this is disputed by the vendor because the render function is not intended to be us...
PT-2023-22433
Name of the Vulnerable Software and Affected Versions ejs version 3.1.9 Description The issue concerns server-side template injection. If the ejs file is controllable, template injection can be implemented through the configuration settings of the closeDelimiter parameter. It is noted that the...