Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Security Advisories: GSA_kwCzR0hTQS1tZjZ4LWhyZ3ItNjU4Zs4AAxPw

Eta vulnerable to Code Injection via templates rendered with user-defined data

Versions of the package eta before 2.0.0 are vulnerable to Remote Code Execution (RCE) by overwriting template engine configuration variables with view options received from the Express render API. Note: This is exploitable only for users who are rendering templates with user-defined data.

Permalink: https://github.com/advisories/GHSA-mf6x-hrgr-658f
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1tZjZ4LWhyZ3ItNjU4Zs4AAxPw
Source: GitHub Advisory Database
Origin: Unspecified
Severity: High
Classification: General
Published: about 1 year ago
Updated: about 1 year ago


CVSS Score: 8.8
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Identifiers: GHSA-mf6x-hrgr-658f, CVE-2022-25967
References: Repository: https://github.com/eta-dev/eta

Affected Packages

npm:eta
Dependent packages: 177
Dependent repositories: 15,007
Downloads: 2,212,775 last month
Affected Version Ranges: < 2.0.0
Fixed in: 2.0.0
All affected versions: 0.0.0, 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.1.0, 1.1.1, 1.2.0, 1.2.1, 1.2.2, 1.3.0, 1.4.0, 1.5.0, 1.6.0, 1.6.1, 1.6.2, 1.7.0, 1.8.0, 1.9.0, 1.10.0, 1.10.1, 1.11.0, 1.12.0, 1.12.1, 1.12.2, 1.12.3, 1.13.0, 1.14.0, 1.14.1, 1.14.2
All unaffected versions: 2.0.0, 2.0.1, 2.1.0, 2.1.1, 2.1.2, 2.2.0, 3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.1.0, 3.1.1, 3.2.0, 3.3.0