EJS has a critical vulnerability

Question

EJS has a critical vulnerability

andrewdavidcostello opened this issue 2 years ago · comments

ejs  <3.1.7
Severity: critical
Template injection in ejs - https://github.com/advisories/GHSA-phwq-j96m-2c2q
fix available via `npm audit fix`
node_modules/ejs

Running npm audit fix will solve this for now but might be good to update?

Anthony (Trapcode) · Answer 1 · Wed Jul 13 2022 20:11:03 GMT+0800 (China Standard Time)

Updated: https://github.com/trapcodeio/vite-plugin-ejs/releases/tag/v1.5.0