Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES SCA (Software Composition Analysis)

CVE-2022-25967 Vulnerability in npm package eta

Description

Versions of the package eta before 2.0.0 are vulnerable to Remote Code Execution (RCE) by overwriting template engine configuration variables with view options received from The Express render API. **Note:** This is exploitable only for users who are rendering templates with user-defined data.

Remediation

References

https://github.com/eta-dev/eta/blob/9c8e4263d3a559444a3881a85c1607bf344d0b28/src/compile-string.ts%23L21

https://github.com/eta-dev/eta/blob/9c8e4263d3a559444a3881a85c1607bf344d0b28/src/file-handlers.ts%23L182

https://github.com/eta-dev/eta/commit/5651392462ee0ff19d77c8481081a99e5b9138dd

https://security.snyk.io/vuln/SNYK-JS-ETA-2936803

Related Vulnerabilities

CVE-2019-17592 Vulnerability in npm package csv-parse

CVE-2023-1584 Vulnerability in maven package io.quarkus:quarkus-oidc

CVE-2021-31635 Vulnerability in maven package com.jfinal:jfinal

CVE-2022-24613 Vulnerability in maven package com.drewnoakes:metadata-extractor

CVE-2023-26139 Vulnerability in npm package underscore-keypath

Severity

Critical

Classification

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Tags

Broken Link Patch Third Party Advisory NVD-CWE-noinfo