CVE-2024-33883

Published: 28 April 2024

The ejs (aka Embedded JavaScript templates) package before 3.1.10 for Node.js lacks certain pollution protection.

Priority

Package	Release	Status
node-ejs Launchpad, Ubuntu, Debian	bionic	Needed
	focal	Needed
	jammy	Needed
	mantic	Needed
	noble	Needed
	upstream	Released (3.1.10+~3.1.5-1)

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.