CVE-2021-23445

Source
https://nvd.nist.gov/vuln/detail/CVE-2021-23445
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-23445.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-23445
Aliases
Related
  • SNYK-JAVA-ORGWEBJARSBOWER-1715371
  • SNYK-JAVA-ORGWEBJARSNPM-1715376
  • SNYK-JS-DATATABLESNET-1540544
  • UBUNTU-CVE-2021-23445
Published
2021-09-27T17:15:08Z
Modified
2025-07-01T23:57:18.108595Z
Downstream
Severity
  • 6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
[none]
Details

This affects the package datatables.net before 1.11.3. If an array is passed to the HTML escape entities function, its contents are not escaped.

References

Affected packages

Debian:11 / datatables.js

Package

Name
datatables.js
Purl
pkg:deb/debian/datatables.js?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 Unknown introduced version / All previous versions are affected
Fixed
1.10.21+dfsg-2+deb11u1

Affected versions

1.*

1.10.21+dfsg-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / datatables.js

Package

Name
datatables.js
Purl
pkg:deb/debian/datatables.js?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 Unknown introduced version / All previous versions are affected
Fixed
1.10.21+dfsg-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / datatables.js

Package

Name
datatables.js
Purl
pkg:deb/debian/datatables.js?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 Unknown introduced version / All previous versions are affected
Fixed
1.10.21+dfsg-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/datatables/datatablessrc

Affected ranges

Type
GIT
Repo
https://github.com/datatables/datatablessrc
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Type
GIT
Repo
https://github.com/datatables/dist-datatables
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

1.*

1.0.1
1.10.0
1.10.0-beta.1
1.10.0-beta.2
1.10.0-rc.1
1.10.1
1.10.10
1.10.11
1.10.12
1.10.13
1.10.14
1.10.15
1.10.16
1.10.17
1.10.18
1.10.19
1.10.2
1.10.20
1.10.21
1.10.22
1.10.23
1.10.24
1.10.25
1.10.3
1.10.4
1.10.5
1.10.6
1.10.7
1.10.8
1.10.9
1.11.0
1.11.1
1.11.2
1.7.0