CVE-2023-29827

Опубликовано: 04 мая 2023

Источник: nvd

CVSS3: 9.8

EPSS Высокий

Описание

ejs v3.1.9 is vulnerable to server-side template injection. If the ejs file is controllable, template injection can be implemented through the configuration settings of the closeDelimiter parameter. NOTE: this is disputed by the vendor because the render function is not intended to be used with untrusted input.

Ссылки

https://github.com/mde/ejs/blob/main/SECURITY.md#out-of-scope-vulnerabilities
Third Party Advisory
https://github.com/mde/ejs/issues/720
Exploit
Issue Tracking
Patch
https://github.com/mde/ejs/blob/main/SECURITY.md#out-of-scope-vulnerabilities
Third Party Advisory
https://github.com/mde/ejs/issues/720
Exploit
Issue Tracking
Patch

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ejs:ejs:*:*:*:*:*:node.js:*:*

Версия от 3.1.9 (включая)

EPSS

Процентиль: 99%

0.80822

Высокий

9.8 Critical

CVSS3

Дефекты

CWE-74

Связанные уязвимости

CVE-2023-29827

CVSS3: 9.8

ubuntu

почти 3 года назад

CVE-2023-29827

CVSS3: 9.8

debian

почти 3 года назад

ejs v3.1.9 is vulnerable to server-side template injection. If the ejs ...

GHSA-j5pp-6f4w-r5r6

CVSS3: 9.8

github

почти 3 года назад

ejs v3.1.9 is vulnerable to server-side template injection. If the ejs file is controllable, template injection can be implemented through the configuration settings of the closeDelimiter parameter.

EPSS

Процентиль: 99%

0.80822

Высокий

9.8 Critical

CVSS3

Дефекты

CWE-74