Vulnerability feed

Vulnerability

CVE-2021-23358

Reference to the description:: https://nvd.nist.gov/vuln/detail/CVE-2021-23358
Description:: The package underscore from 1.13.0-0 and before 1.13.0-2, from 1.3.2 and before 1.12.1 are vulnerable to Arbitrary Code Injection via the template function, particularly when a variable property is passed as an argument as it is not sanitized.
Last updated date:: 09/22/2021

Type:: exploit
Confidence:: HIGH
Date of publishing:: 08/24/2021
Reference url to background: https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1081504

Type:: exploit
Confidence:: HIGH
Date of publishing:: 08/24/2021
Reference url to background: https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBJASHKENAS-1081505

Type:: exploit
Confidence:: HIGH
Date of publishing:: 08/24/2021
Reference url to background: https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1081503

Type:: exploit
Confidence:: HIGH
Date of publishing:: 08/24/2021
Reference url to background: https://snyk.io/vuln/SNYK-JS-UNDERSCORE-1080984

Vulnerability Feed Contributors About Blog

@inTheWild

©2025 |