swig-templates@2.0.3 vulnerabilities

A simple, powerful, and extendable templating engine for node.js and browsers, similar to Django, Jinja2, and Twig.

Direct Vulnerabilities

Known vulnerabilities in the swig-templates package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability Vulnerable Version
  • [M] Arbitrary File Read

swig-templates is a simple, powerful, and extendable templating engine for node.js and browsers, similar to Django, Jinja2, and Twig.

Affected versions of this package are vulnerable to Arbitrary File Read via the renderFile method.

How to fix Arbitrary File Read?

There is no fixed version for swig-templates.

Vulnerable Version: *
  • [M] Arbitrary Code Execution

swig-templates is a simple, powerful, and extendable templating engine for node.js and browsers, similar to Django, Jinja2, and Twig.

Affected versions of this package are vulnerable to Arbitrary Code Execution via the renderFile method.

Note: The following conditions are required to exploit the vulnerability:

  1. User input is used in the context of the package.

  2. User input is not sanitized.

  3. The value is dynamic.

How to fix Arbitrary Code Execution?

There is no fixed version for swig-templates.

Vulnerable Version: *