CVE-2024-33883 Information

Description

The ejs (aka Embedded JavaScript templates) package before 3.1.10 for Node.js lacks certain pollution protection.

Reference

https://github.com/mde/ejs/commit/e469741dca7df2eb400199e1cdb74621e3f89aa5 https://github.com/mde/ejs/compare/v3.1.9…v3.1.10