VDB
GCVE-110-MAGEIA-2021-269
GCVE-110-MAGEIA-2021-269
Advisory Published
The package underscore from 1.13.0-0 and before 1.13.0-2, from 1.3.2
and before 1.12.1 are vulnerable to Arbitrary Code Injectio via the
template function, particularly when a variable property is passed as
an argument as it is not sanitized (CVE-2021-23358)
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | puddletag | 0 (affected), 2.0.2-0.git20210523.1.mga8 (unaffected) | — |
Aliases
References
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.