Search criteria
2 vulnerabilities by eta.js
CVE-2023-23630 (GCVE-0-2023-23630)
Vulnerability from cvelistv5 – Published: 2023-02-01 00:38 – Updated: 2025-03-10 21:17
VLAI
Title
Cross-site (XSS) vulnerability with Express API in Eta
Summary
Eta is an embedded JS templating engine that works inside Node, Deno, and the browser. XSS attack - anyone using the Express API is impacted. The problem has been resolved. Users should upgrade to version 2.0.0. As a workaround, don't pass user supplied things directly to `res.render`.
Severity
8.6 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/eta-dev/eta/security/advisorie… | x_refsource_CONFIRM |
| https://github.com/eta-dev/eta/commit/5651392462e… | x_refsource_MISC |
| https://github.com/eta-dev/eta/releases/tag/v2.0.0 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:35:33.606Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/eta-dev/eta/security/advisories/GHSA-xrh7-m5pp-39r6",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/eta-dev/eta/security/advisories/GHSA-xrh7-m5pp-39r6"
},
{
"name": "https://github.com/eta-dev/eta/commit/5651392462ee0ff19d77c8481081a99e5b9138dd",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/eta-dev/eta/commit/5651392462ee0ff19d77c8481081a99e5b9138dd"
},
{
"name": "https://github.com/eta-dev/eta/releases/tag/v2.0.0",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/eta-dev/eta/releases/tag/v2.0.0"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-23630",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-10T20:59:19.594118Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-10T21:17:25.860Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "eta",
"vendor": "eta-dev",
"versions": [
{
"status": "affected",
"version": "\u003c 2.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Eta is an embedded JS templating engine that works inside Node, Deno, and the browser. XSS attack - anyone using the Express API is impacted. The problem has been resolved. Users should upgrade to version 2.0.0. As a workaround, don\u0027t pass user supplied things directly to `res.render`. \n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-01T00:38:29.697Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/eta-dev/eta/security/advisories/GHSA-xrh7-m5pp-39r6",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/eta-dev/eta/security/advisories/GHSA-xrh7-m5pp-39r6"
},
{
"name": "https://github.com/eta-dev/eta/commit/5651392462ee0ff19d77c8481081a99e5b9138dd",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/eta-dev/eta/commit/5651392462ee0ff19d77c8481081a99e5b9138dd"
},
{
"name": "https://github.com/eta-dev/eta/releases/tag/v2.0.0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/eta-dev/eta/releases/tag/v2.0.0"
}
],
"source": {
"advisory": "GHSA-xrh7-m5pp-39r6",
"discovery": "UNKNOWN"
},
"title": "Cross-site (XSS) vulnerability with Express API in Eta"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-23630",
"datePublished": "2023-02-01T00:38:29.697Z",
"dateReserved": "2023-01-16T17:07:46.245Z",
"dateUpdated": "2025-03-10T21:17:25.860Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-25967 (GCVE-0-2022-25967)
Vulnerability from cvelistv5 – Published: 2023-01-30 05:00 – Updated: 2025-03-27 20:15
VLAI
Summary
Versions of the package eta before 2.0.0 are vulnerable to Remote Code Execution (RCE) by overwriting template engine configuration variables with view options received from The Express render API.
**Note:** This is exploitable only for users who are rendering templates with user-defined data.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:56:36.874Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.snyk.io/vuln/SNYK-JS-ETA-2936803"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/eta-dev/eta/blob/9c8e4263d3a559444a3881a85c1607bf344d0b28/src/file-handlers.ts%23L182"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/eta-dev/eta/blob/9c8e4263d3a559444a3881a85c1607bf344d0b28/src/compile-string.ts%23L21"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/eta-dev/eta/commit/5651392462ee0ff19d77c8481081a99e5b9138dd"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-25967",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-27T20:15:33.469914Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-27T20:15:37.734Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://security.snyk.io/vuln/SNYK-JS-ETA-2936803"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "eta",
"vendor": "n/a",
"versions": [
{
"lessThan": "2.0.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Rayhan Ahmed Niloy"
}
],
"descriptions": [
{
"lang": "en",
"value": "Versions of the package eta before 2.0.0 are vulnerable to Remote Code Execution (RCE) by overwriting template engine configuration variables with view options received from The Express render API.\r\r**Note:** This is exploitable only for users who are rendering templates with user-defined data.\r\r"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "Remote Code Execution (RCE)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-30T05:00:01.228Z",
"orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"shortName": "snyk"
},
"references": [
{
"url": "https://security.snyk.io/vuln/SNYK-JS-ETA-2936803"
},
{
"url": "https://github.com/eta-dev/eta/blob/9c8e4263d3a559444a3881a85c1607bf344d0b28/src/file-handlers.ts%23L182"
},
{
"url": "https://github.com/eta-dev/eta/blob/9c8e4263d3a559444a3881a85c1607bf344d0b28/src/compile-string.ts%23L21"
},
{
"url": "https://github.com/eta-dev/eta/commit/5651392462ee0ff19d77c8481081a99e5b9138dd"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"assignerShortName": "snyk",
"cveId": "CVE-2022-25967",
"datePublished": "2023-01-30T05:00:01.228Z",
"dateReserved": "2022-02-24T11:58:25.179Z",
"dateUpdated": "2025-03-27T20:15:37.734Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}