| Bug | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|
| CVE-2024-33883 | vulnerable | vulnerable (no DSA, postponed) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | The ejs (aka Embedded JavaScript templates) package before 3.1.10 for ... |
| CVE-2023-29827 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | ejs v3.1.9 is vulnerable to server-side template injection. If the ejs ... |
| CVE-2022-29078 | vulnerable | fixed | fixed | fixed | fixed | fixed | The ejs (aka Embedded JavaScript templates) package 3.1.6 for Node.js ... |
| CVE-2017-1000228 | vulnerable | fixed | fixed | fixed | fixed | fixed | nodejs ejs versions older than 2.5.3 is vulnerable to remote code exec ... |
| CVE-2017-1000189 | vulnerable | fixed | fixed | fixed | fixed | fixed | nodejs ejs version older than 2.5.5 is vulnerable to a denial-of-servi ... |
| CVE-2017-1000188 | vulnerable | fixed | fixed | fixed | fixed | fixed | nodejs ejs version older than 2.5.5 is vulnerable to a Cross-site-scri ... |