Squirrelly

squirrelly

2 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Squirrelly

squirrelly

2 CVEs

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-40453 1Squirrelly 1Squirrelly Jun 17, 2026 Aug 21, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 squirrellyjs squirrelly v9.0.0 and fixed in v.9.0.1 was discovered to contain a code injection vulnerability via the component options.varName.
CVE-2021-32819 1Squirrelly 1Squirrelly Jun 17, 2026 May 14, 2021 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Squirrelly is a template engine implemented in JavaScript that works out of the box with ExpressJS. Squirrelly mixes pure template data with engine configuration options through the Express render API. By overwriting int...Show more Squirrelly is a template engine implemented in JavaScript that works out of the box with ExpressJS. Squirrelly mixes pure template data with engine configuration options through the Express render API. By overwriting internal configuration options remote code execution may be triggered in downstream applications. This issue is fixed in version 9.0.0. For complete details refer to the referenced GHSL-2021-023.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2024-40453

1Squirrelly

Jun 17, 2026

Aug 21, 2024

N/A· v4

9.8 CRITICAL· v3

N/A· v2

squirrellyjs squirrelly v9.0.0 and fixed in v.9.0.1 was discovered to contain a code injection vulnerability via the component options.varName.

CVE-2021-32819

1Squirrelly

Jun 17, 2026

May 14, 2021

N/A· v4

8.8 HIGH· v3

6.8 MEDIUM· v2

Squirrelly is a template engine implemented in JavaScript that works out of the box with ExpressJS. Squirrelly mixes pure template data with engine configuration options through the Express render API. By overwriting internal configuration options remote code execution may be triggered in downstream applications. This issue is fixed in version 9.0.0. For complete details refer to the referenced GHSL-2021-023.Show less