Skip to main content

Squirrelly

2 CVEs product

Monthly

CVE-2024-40453 npm CRITICAL POC PATCH Act Now

squirrellyjs squirrelly v9.0.0 and fixed in v.9.0.1 was discovered to contain a code injection vulnerability via the component options.varName. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Code Injection RCE Squirrelly
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2021-32819 npm HIGH POC PATCH THREAT This Week

Squirrelly is a template engine implemented in JavaScript that works out of the box with ExpressJS. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Information Disclosure Squirrelly
NVD GitHub
CVSS 3.1
8.8
EPSS
59.8%
EPSS 1% CVSS 9.8
CRITICAL POC PATCH Act Now

squirrellyjs squirrelly v9.0.0 and fixed in v.9.0.1 was discovered to contain a code injection vulnerability via the component options.varName. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Code Injection RCE Squirrelly
NVD GitHub
EPSS 60% CVSS 8.8
HIGH POC PATCH THREAT This Week

Squirrelly is a template engine implemented in JavaScript that works out of the box with ExpressJS. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Information Disclosure Squirrelly
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy