VulnerableCode Package Details - pkg:deb/debian/node-ejs@2.5.7-1%2Bdeb10u1

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/node-ejs@2.5.7-1%2Bdeb10u1

Essentials
History (3)

purl	pkg:deb/debian/node-ejs@2.5.7-1%2Bdeb10u1

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (3)

Vulnerability	Summary	Aliases
VCID-9hgv-yjdc-j7g7	Cross-site Scripting The ejs module is vulnerable to a Cross-site-scripting in `ejs.renderFile()`.	CVE-2017-1000188 GHSA-hwcf-pp87-7x6p
VCID-k525-8c5h-tbdq	Improper Input Validation The ejs module is vulnerable to a denial-of-service due to weak input validation in the `ejs.renderFile()`.	CVE-2017-1000189 GHSA-6x77-rpqf-j6mw
VCID-nq37-ewy1-d7et	Improper Input Validation The ejs module is vulnerable to remote code execution due to weak input validation in `ejs.renderFile()` function.	CVE-2017-1000228 GHSA-3w5v-p54c-f74x

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-06T01:59:12.489174+00:00	Debian Oval Importer	Fixing	VCID-k525-8c5h-tbdq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.6.0
2026-06-06T00:26:54.116580+00:00	Debian Oval Importer	Fixing	VCID-9hgv-yjdc-j7g7	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.6.0
2026-06-05T23:40:05.811016+00:00	Debian Oval Importer	Fixing	VCID-nq37-ewy1-d7et	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.6.0