pug-code-gen (npm) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the npm package pug-code-gen, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (2)
CVE-2021-21353 — CVSS 6.8 (medium): Pug is an npm package which is a high-performance template engine. In pug before version 3.0.1, if a remote attacker was able to control…
CVE-2024-36361 — CVSS 6.8 (medium): Pug through 3.0.2 allows JavaScript code execution if an application accepts untrusted input for the name option of the compileClient…