CVE-2022-25967
HIGH8.8EPSS 19.0%Eta vulnerable to Code Injection via templates rendered with user-defined data
發布日:2023/1/30修改日:2023/11/8
描述
Versions of the package eta before 2.0.0 are vulnerable to Remote Code Execution (RCE) by overwriting template engine configuration variables with view options received from The Express render API. **Note:** This is exploitable only for users who are rendering templates with user-defined data.
受影響套件(1)
- npm/etafrom 0, < 2.0.0
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH8.8 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
參考連結(6)
- ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2022-25967
- PATCHhttps://github.com/eta-dev/eta
- WEBhttps://github.com/eta-dev/eta/blob/9c8e4263d3a559444a3881a85c1607bf344d0b28/src/compile-string.ts%23L21
- WEBhttps://github.com/eta-dev/eta/blob/9c8e4263d3a559444a3881a85c1607bf344d0b28/src/file-handlers.ts%23L182
- WEBhttps://github.com/eta-dev/eta/commit/5651392462ee0ff19d77c8481081a99e5b9138dd
- WEBhttps://security.snyk.io/vuln/SNYK-JS-ETA-2936803