CVE-2022-25967
Severity CVSS v4.0: Pending analysis
Type: CWE-94 Code Injection
Publication date: 30/01/2023
Last modified: 27/03/2025
Description
Versions of the package eta before 2.0.0 are vulnerable to Remote Code Execution (RCE): view options received through the Express render API can overwrite the template engine's configuration variables.

**Note:** This is exploitable only for users who render templates with user-defined data.
Impact
Base Score 3.x: 8.10
Severity 3.x: HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:eta.js:eta:*:*:*:*:*:node.js:*:* | | 2.0.0 (excluding) |
References to Advisories, Solutions, and Tools
- https://github.com/eta-dev/eta/blob/9c8e4263d3a559444a3881a85c1607bf344d0b28/src/compile-string.ts#L21
- https://github.com/eta-dev/eta/blob/9c8e4263d3a559444a3881a85c1607bf344d0b28/src/file-handlers.ts#L182
- https://github.com/eta-dev/eta/commit/5651392462ee0ff19d77c8481081a99e5b9138dd
- https://security.snyk.io/vuln/SNYK-JS-ETA-2936803