CVE-2021-23445

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2021-23445
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-23445.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-23445
Aliases
Downstream
Related
  • SNYK-JAVA-ORGWEBJARSBOWER-1715371
  • SNYK-JAVA-ORGWEBJARSNPM-1715376
  • SNYK-JS-DATATABLESNET-1540544
Published
2021-09-27T17:15:08.137Z
Modified
2025-12-11T02:01:36.875638Z
Severity
  • 6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

This affects the package datatables.net before 1.11.3. If an array is passed to the HTML escape entities function it would not have its contents escaped.

References

Affected packages

Git / github.com/datatables/datatablessrc

Affected ranges

Type
GIT
Repo
https://github.com/datatables/datatablessrc
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
79772b97fe6d45af67057cc13fa6af3f00c873ea

Affected versions

1.*

1.0.1
1.10.0
1.10.0-beta.1
1.10.0-beta.2
1.10.0-rc.1
1.10.1
1.10.10
1.10.11
1.10.12
1.10.13
1.10.14
1.10.15
1.10.16
1.10.17
1.10.18
1.10.19
1.10.2
1.10.20
1.10.21
1.10.22
1.10.23
1.10.24
1.10.25
1.10.3
1.10.4
1.10.5
1.10.6
1.10.7
1.10.8
1.10.9
1.11.0
1.11.1
1.11.2
1.7.0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-23445.json"

Git / github.com/datatables/dist-datatables

Affected ranges

Type
GIT
Repo
https://github.com/datatables/dist-datatables
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
59a8d3f8a3c1138ab08704e783bc52bfe88d7c9b

Affected versions

1.*

1.10.10
1.10.11
1.10.12
1.10.13
1.10.14
1.10.15
1.10.16
1.10.17
1.10.18
1.10.19
1.10.20
1.10.21
1.10.22
1.10.23
1.10.24
1.10.9
1.11.0
1.11.1
1.11.2

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-23445.json"