neoan3-apps/template is vulnerable to arbitrary code execution (RCE) attacks. An attacker could execute global or local functions & methods by storing particular values into the database via closures that are known to be eventually rendered by the template engine resulting in arbitrary code execution attacks.
CPE | Name | Operator | Version |
---|---|---|---|
neoan3-apps/template | le | 1.1.0 | |
neoan3-apps/template | le | 1.1.0 |
github.com/sroehrl/neoan3-template/commit/47269808fac28354fa20c77bec29919967cc4830
github.com/sroehrl/neoan3-template/commit/4a2c9570f071d3c8f4ac790007599cba20e16934
github.com/sroehrl/neoan3-template/issues/8
github.com/sroehrl/neoan3-template/pull/9
github.com/sroehrl/neoan3-template/security/advisories/GHSA-3v56-q6r6-4gcw