Every CVE whose affected-product data names Mozilla Nunjucks, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2016-10547 — CVSS 6.1 (medium): Nunjucks is a full featured templating engine for JavaScript. Versions 2.4.2 and lower have a cross site scripting (XSS) vulnerability in…
CVE-2023-2142 — CVSS 6.1 (medium): In Nunjucks versions prior to version 3.2.4, it was possible to bypass the restrictions which are provided by the autoescape functionality…