Search for packages
| purl | pkg:npm/ejs@2.0.6 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-46sh-p9cn-1yd9
Aliases: CVE-2024-33883 GHSA-ghr5-ch3p-vcr6 |
The ejs (aka Embedded JavaScript templates) package before 3.1.10 for Node.js lacks certain pollution protection. |
Affected by 0 other vulnerabilities. |
|
VCID-7b2x-cc6t-9yc8
Aliases: CVE-2017-1000189 GHSA-6x77-rpqf-j6mw |
ejs vulnerable to DoS due to weak input validation |
Affected by 1 other vulnerability. |
|
VCID-gj3b-7ztc-t7bk
Aliases: CVE-2017-1000228 GHSA-3w5v-p54c-f74x |
ejs is vulnerable to remote code execution due to weak input validation |
Affected by 3 other vulnerabilities. Affected by 1 other vulnerability. |
|
VCID-pw1m-q6d1-pqfj
Aliases: CVE-2017-1000188 GHSA-hwcf-pp87-7x6p |
mde ejs vulnerable to XSS |
Affected by 1 other vulnerability. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-06-12T19:26:44.286499+00:00 | GitLab Importer | Affected by | VCID-46sh-p9cn-1yd9 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/ejs/CVE-2024-33883.yml | 38.6.0 |
| 2026-06-12T16:56:10.475048+00:00 | GitLab Importer | Affected by | VCID-7b2x-cc6t-9yc8 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/ejs/CVE-2017-1000189.yml | 38.6.0 |
| 2026-06-12T16:56:10.084721+00:00 | GitLab Importer | Affected by | VCID-gj3b-7ztc-t7bk | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/ejs/CVE-2017-1000228.yml | 38.6.0 |
| 2026-06-12T16:56:09.692723+00:00 | GitLab Importer | Affected by | VCID-pw1m-q6d1-pqfj | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/ejs/CVE-2017-1000188.yml | 38.6.0 |