5 matches found
CVE-2024-30260 affecting package nodejs for versions less than 20.14.0-1
CVE-2024-30260 affecting package nodejs for versions less than 20.14.0-1. An upgraded version of the package is available that resolves this issue...
CVE-2024-27982 affecting package nodejs for versions less than 20.14.0-1
CVE-2024-27982 affecting package nodejs for versions less than 20.14.0-1. An upgraded version of the package is available that resolves this issue...
CVE-2024-24758 affecting package nodejs for versions less than 20.14.0-1
CVE-2024-24758 affecting package nodejs for versions less than 20.14.0-1. An upgraded version of the package is available that resolves this issue...
AZL-35050 CVE-2024-22195 affecting package nodejs for versions less than 20.14.0-1
Jinja is an extensible templating engine. Special placeholders in the template allow writing code similar to Python syntax. It is possible to inject arbitrary HTML attributes into the rendered HTML template, potentially leading to Cross-Site Scripting XSS. The Jinja xmlattr filter can be abused t...
AZL-41949 CVE-2019-10906 affecting package nodejs for versions less than 20.14.0-1
In Pallets Jinja before 2.10.1, str.formatmap allows a sandbox escape...