Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2021-23358

Опубликовано: 29 мар. 2021
Источник: debian

Описание

The package underscore from 1.13.0-0 and before 1.13.0-2, from 1.3.2 and before 1.12.1 are vulnerable to Arbitrary Code Injection via the template function, particularly when a variable property is passed as an argument as it is not sanitized.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
underscorefixed1.9.1~dfsg-2package

Примечания

  • https://snyk.io/vuln/SNYK-JS-UNDERSCORE-1080984

Связанные уязвимости

ubuntu логотип

CVE-2021-23358

CVSS3: 3.3
ubuntu
почти 5 лет назад

The package underscore from 1.13.0-0 and before 1.13.0-2, from 1.3.2 and before 1.12.1 are vulnerable to Arbitrary Code Injection via the template function, particularly when a variable property is passed as an argument as it is not sanitized.

redhat логотип

CVE-2021-23358

CVSS3: 7.2
redhat
почти 5 лет назад

The package underscore from 1.13.0-0 and before 1.13.0-2, from 1.3.2 and before 1.12.1 are vulnerable to Arbitrary Code Injection via the template function, particularly when a variable property is passed as an argument as it is not sanitized.

nvd логотип

CVE-2021-23358

CVSS3: 3.3
nvd
почти 5 лет назад

The package underscore from 1.13.0-0 and before 1.13.0-2, from 1.3.2 and before 1.12.1 are vulnerable to Arbitrary Code Injection via the template function, particularly when a variable property is passed as an argument as it is not sanitized.

msrc логотип

CVE-2021-23358

msrc
5 месяцев назад

Arbitrary Code Injection

suse-cvrf логотип

openSUSE-SU-2021:0601-1

suse-cvrf
почти 5 лет назад

Security update for nodejs-underscore