Skip to main content
CVE-2024-33883 MEDIUM PATCH This Month

The ejs (aka Embedded JavaScript templates) package before 3.1.10 for Node.js lacks certain pollution protection. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Node.js Information Disclosure
NVD GitHub
CVSS 3.1
4.0
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy