Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Underscore
(Underscorejs)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 1 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-03-29 | CVE-2021-23358 | The package underscore from 1.13.0-0 and before 1.13.0-2, from 1.3.2 and before 1.12.1 are vulnerable to Arbitrary Code Injection via the template function, particularly when a variable property is passed as an argument as it is not sanitized. | Debian_linux, Fedora, Tenable\.sc, Underscore | 7.2 |