25 matches found
CVE-2023-25344
An issue was discovered in swig-templates thru 2.0.4 and swig thru 1.4.2, allows attackers to execute arbitrary code via crafted Object.prototype anonymous function...
CVE-2023-25345
Directory traversal vulnerability in swig-templates thru 2.0.4 and swig thru 1.4.2, allows attackers to read arbitrary files via the include or extends tags...
EUVD-2023-29303
Malicious code in bioql PyPI...
EUVD-2023-0832
Malicious code in bioql PyPI...
Path Traversal
swig-templates is vulnerable to Path Traversal. The vulnerability exists due to improper template restrictions which allows an attacker to access and read the files outside the restricted directory through the include or extends tags...
1095h-cli (=1.0.1), 5coder-pages (=0.2.0) +548 more potentially affected by CVE-2023-25345 via swig-templates (>=2.0.2 <=2.0.3)
swig-templates NPM version =2.0.2, =1.0.0, =1.0.0, =0.0.1, =0.0.1, =1.0.0, =0.1.0, =1.0.0, =0.0.1, =0.0.1-alpha.0 and more Source cves: CVE-2023-25345 Source advisory: OSV:GHSA-2RQ5-699J-X7P6...
Arbitrary local file read vulnerability during template rendering
Directory traversal vulnerability in swig-templates thru 2.0.4 and swig thru 1.4.2, allows attackers to read arbitrary files via the include or extends tags...
GHSA-2RQ5-699J-X7P6 Arbitrary local file read vulnerability during template rendering
Directory traversal vulnerability in swig-templates thru 2.0.4 and swig thru 1.4.2, allows attackers to read arbitrary files via the include or extends tags...
CVE-2023-25344
An issue was discovered in swig-templates thru 2.0.4 and swig thru 1.4.2, allows attackers to execute arbitrary code via crafted Object.prototype anonymous function...
CVE-2023-25345
Directory traversal vulnerability in swig-templates thru 2.0.4 and swig thru 1.4.2, allows attackers to read arbitrary files via the include or extends tags...
CVE-2023-25344
An issue was discovered in swig-templates thru 2.0.4 and swig thru 1.4.2, allows attackers to execute arbitrary code via crafted Object.prototype anonymous function...
CVE-2023-25345
Directory traversal vulnerability in swig-templates thru 2.0.4 and swig thru 1.4.2, allows attackers to read arbitrary files via the include or extends tags...
Directory traversal
Directory traversal vulnerability in swig-templates thru 2.0.4 and swig thru 1.4.2, allows attackers to read arbitrary files via the include or extends tags...
PT-2023-20030 · Swig +1 · Swig +1
Name of the Vulnerable Software and Affected Versions: swig-templates versions 2.0.4 and earlier swig versions 1.4.2 and earlier Description: A directory traversal issue allows attackers to read arbitrary files via the include or extends tags. This can be exploited by attackers to access sensitiv...
CVE-2023-25344
CVE-2023-25344 affects swig-templates <= 2.0.4 and swig
CVE-2023-25345
Directory traversal vulnerability in swig-templates thru 2.0.4 and swig thru 1.4.2, allows attackers to read arbitrary files via the include or extends tags...
CVE-2023-25345
CVE-2023-25345 is a directory traversal vulnerability in swig-templates up to 2.0.4 and swig up to 1.4.2, allowing an attacker to read arbitrary files via include or extends tags. The issue is corroborated across multiple sources (NVD, Red Hat, GHSA, OSV, CNNVD, CVE lists). A PoC/exploitation det...
CVE-2023-25344
An issue was discovered in swig-templates thru 2.0.4 and swig thru 1.4.2, allows attackers to execute arbitrary code via crafted Object.prototype anonymous function...
PT-2023-20029 · Swig +1 · Swig +1
Name of the Vulnerable Software and Affected Versions: swig-templates versions 2.0.4 and earlier swig versions 1.4.2 and earlier Description: An issue allows attackers to execute arbitrary code via crafted Object.prototype anonymous function. Recommendations: For swig-templates versions 2.0.4 and...
swig 安全漏洞
swig is a JavaScript template engine open-sourced by node-swig. A security vulnerability exists in swig-templates thru version 2.0.4 and swig thru version 1.4.2, which originated from a vulnerability that allows an attacker to execute arbitrary code via a crafted Object.prototype anonymous functi...