Control: tags -1 + confirmed
On Sat, 2022-04-30 at 09:11 +0200, Yadd wrote:
> node-ejs is vulnerable to server-side template injection
> (CVE-2022-29078, #1010359) and probably to prototype pollution.
>
Please go ahead.
Regards,
Adam
Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian@packages.debian.org
Usertags: pu
[ Reason ]
node-ejs is vulnerable to server-side template injection
(CVE-2022-29078, #1010359) and probably to prototype pollution.
[ Impact ]
Medium security issue
[ Tests ]
2 matches
Mail list logo