GHSA-2rq5-699j-x7p6, CVE-2023-25345
npm/swig-templates
Arbitrary local file read vulnerability during template rendering
Directory traversal vulnerability in swig-templates thru 2.0.4 and swig thru 1.4.2, allows attackers to read arbitrary files via the include or extends tags.
All versions up to 2.0.4
Unfortunately, there is no solution available yet.
2023-03-17
source |