CVE-2021-23358

Description

The package underscore from 1.13.0-0 and before 1.13.0-2, from 1.3.2 and before 1.12.1 are vulnerable to Arbitrary Code Execution via the template function, particularly when a variable property is passed as an argument as it is not sanitized.

Related CPE's

aunderscorejsunderscore*****node.js**
vulnerable
aunderscorejsunderscore*****node.js**
vulnerable

References

https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBJASHKENAS-1081505

ExploitThird Party Advisory

https://github.com/jashkenas/underscore/blob/master/modules/template.js%23L71

Broken Link

https://snyk.io/vuln/SNYK-JS-UNDERSCORE-1080984

ExploitThird Party Advisory

https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1081504

ExploitThird Party Advisory

https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1081503

ExploitThird Party Advisory

[debian-lts-announce] 20210331 [SECURITY] [DLA 2613-1] underscore security update

Mailing ListThird Party Advisory

DSA-4883

CvssV3 impact

BaseSeverity

CRITICAL

ConfidentialityImpact

HIGH

AttackComplexity

LOW

Scope

UNCHANGED

AttackVector

NETWORK

AvailabilityImpact

HIGH

IntegrityImpact

HIGH

PrivilegesRequired

NONE

BaseScore

9.8

VectorString

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Version

3.1

UserInteraction

NONE

CvssV2 impact

AccessComplexity

LOW

ConfidentialityImpact

PARTIAL

AvailabilityImpact

PARTIAL

IntegrityImpact

PARTIAL

BaseScore

7.5

VectorString

AV:N/AC:L/Au:N/C:P/I:P/A:P

Version

2.0

AccessVector

NETWORK

Authentication

NONE