[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2021-23445":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-06T08:55:34.825Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":44,"aliases":62,"duplicate_of":9,"upstream":64,"downstream":65,"duplicates":78,"related":79,"reserved_at":9,"published_at":80,"modified_at":81,"state":82,"summary":83,"references_raw":91,"kevs":144,"epss":145,"epss_history":148,"metrics":421,"affected":441},"CVE-2021-23445","This affects the package datatables.net before 1.11.3. If an array is passed to the HTML escape entities function it would not have its contents escaped.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-79","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.","weakness","Stable","Base","High",[20,24,28,32,36,40],{"id":21,"name":22,"techniques":23},"CAPEC-209","XSS Using MIME Type Mismatch",[],{"id":25,"name":26,"techniques":27},"CAPEC-588","DOM-Based XSS",[],{"id":29,"name":30,"techniques":31},"CAPEC-591","Reflected XSS",[],{"id":33,"name":34,"techniques":35},"CAPEC-592","Stored XSS",[],{"id":37,"name":38,"techniques":39},"CAPEC-63","Cross-Site Scripting (XSS)",[],{"id":41,"name":42,"techniques":43},"CAPEC-85","AJAX Footprinting",[],[45,54,58],{"_key":46,"name":47,"source":48,"url":49,"maturity":50,"reliability_score":51,"verified":52,"type":9,"platforms":53,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_018E22041B89B870","Exploit Reference (snyk.io)","reference","https://snyk.io/vuln/SNYK-JS-DATATABLESNET-1540544","unknown",0.2,false,[],{"_key":55,"name":47,"source":48,"url":56,"maturity":50,"reliability_score":51,"verified":52,"type":9,"platforms":57,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_7FE8F4A192DD971D","https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1715371",[],{"_key":59,"name":47,"source":48,"url":60,"maturity":50,"reliability_score":51,"verified":52,"type":9,"platforms":61,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_BF960ECE4C583C15","https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1715376",[],[63],"GHSA-h73q-5wmj-q8pj",[],[66,68,70,72,74,76],{"_key":67},"DLA-3529-1",{"_key":69},"DEBIAN-CVE-2021-23445",{"_key":71},"RHSA-2024:3559",{"_key":73},"RHSA-2024:3560",{"_key":75},"RHSA-2024:3561",{"_key":77},"UBUNTU-CVE-2021-23445",[],[],"2021-09-27T16:35:18.234Z","2024-09-16T18:39:20.468Z","Modified",{"cisa_kev":52,"cisa_ransomware":52,"cisa_vendor":9,"epss_severity":84,"epss_score":85,"severity":86,"severity_score":87,"severity_version":88,"severity_source":89,"severity_vector":90,"severity_status":82},"low",0.00349,"medium",6.1,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",[92,100,103,106,111,117,122,126,131,135,140],{"url":49,"sources":93,"tags":96},[94,89,95],"cve.org","osv_npm",[97,98,99],"Exploit","Third Party Advisory","WEB",{"url":56,"sources":101,"tags":102},[94,89,95],[97,98,99],{"url":60,"sources":104,"tags":105},[94,89,95],[97,98,99],{"url":107,"sources":108,"tags":109},"https://github.com/DataTables/Dist-DataTables/commit/59a8d3f8a3c1138ab08704e783bc52bfe88d7c9b",[94,89,95],[110,98,99],"Patch",{"url":112,"sources":113,"tags":114},"https://cdn.datatables.net/1.11.3/",[94,89],[115,116],"Release Notes","Vendor Advisory",{"url":118,"sources":119,"tags":120},"https://lists.debian.org/debian-lts-announce/2023/08/msg00018.html",[94,89,95],[121,99],"Mailing List",{"url":123,"sources":124,"tags":125},"https://security.netapp.com/advisory/ntap-20240621-0006/",[94,89],[],{"url":127,"sources":128,"tags":129},"https://nvd.nist.gov/vuln/detail/CVE-2021-23445",[95],[130],"Advisory",{"url":132,"sources":133,"tags":134},"https://cdn.datatables.net/1.11.3",[95],[99],{"url":136,"sources":137,"tags":138},"https://github.com/DataTables/Dist-DataTables",[95],[139],"PACKAGE",{"url":141,"sources":142,"tags":143},"https://security.netapp.com/advisory/ntap-20240621-0006",[95],[99],[],{"date":146,"score":85,"percentile":147},"2026-06-05",0.57728,[149,153,156,159,162,165,168,171,174,177,181,184,186,189,192,196,199,202,205,208,211,214,217,220,224,227,230,233,237,240,244,248,251,254,257,260,263,266,269,272,275,278,281,284,287,291,294,297,300,303,306,309,312,315,319,322,325,328,331,334,337,340,343,346,349,352,355,358,361,364,367,370,373,376,379,382,385,388,390,393,395,398,401,404,407,409,411,414,416,418],{"date":150,"score":151,"percentile":152},"2025-11-04",0.00658,0.70249,{"date":154,"score":151,"percentile":155},"2025-11-05",0.70234,{"date":157,"score":151,"percentile":158},"2025-11-06",0.70233,{"date":160,"score":151,"percentile":161},"2025-11-07",0.70247,{"date":163,"score":151,"percentile":164},"2025-11-08",0.7025,{"date":166,"score":151,"percentile":167},"2025-11-09",0.70242,{"date":169,"score":151,"percentile":170},"2025-11-10",0.7023,{"date":172,"score":151,"percentile":173},"2025-11-11",0.70241,{"date":175,"score":151,"percentile":176},"2025-11-12",0.70264,{"date":178,"score":179,"percentile":180},"2025-11-13",0.00656,0.70223,{"date":182,"score":179,"percentile":183},"2025-11-14",0.70231,{"date":185,"score":179,"percentile":183},"2025-11-15",{"date":187,"score":179,"percentile":188},"2025-11-16",0.70227,{"date":190,"score":179,"percentile":191},"2025-11-17",0.70226,{"date":193,"score":194,"percentile":195},"2025-11-18",0.01549,0.79843,{"date":197,"score":194,"percentile":198},"2025-11-19",0.79848,{"date":200,"score":194,"percentile":201},"2025-11-20",0.79854,{"date":203,"score":179,"percentile":204},"2025-11-21",0.70245,{"date":206,"score":179,"percentile":207},"2025-11-22",0.70236,{"date":209,"score":179,"percentile":210},"2025-11-23",0.70219,{"date":212,"score":179,"percentile":213},"2025-11-24",0.7021,{"date":215,"score":179,"percentile":216},"2025-11-25",0.70213,{"date":218,"score":179,"percentile":219},"2025-11-26",0.70218,{"date":221,"score":222,"percentile":223},"2025-11-27",0.00856,0.74241,{"date":225,"score":222,"percentile":226},"2025-11-28",0.74231,{"date":228,"score":222,"percentile":229},"2025-11-29",0.74229,{"date":231,"score":222,"percentile":232},"2025-11-30",0.74226,{"date":234,"score":235,"percentile":236},"2025-12-01",0.00264,0.49763,{"date":238,"score":235,"percentile":239},"2025-12-02",0.49781,{"date":241,"score":242,"percentile":243},"2025-12-03",0.00144,0.35257,{"date":245,"score":246,"percentile":247},"2025-12-04",0.00397,0.59784,{"date":249,"score":246,"percentile":250},"2025-12-05",0.5979,{"date":252,"score":246,"percentile":253},"2025-12-06",0.59779,{"date":255,"score":246,"percentile":256},"2025-12-07",0.59773,{"date":258,"score":246,"percentile":259},"2025-12-08",0.59775,{"date":261,"score":246,"percentile":262},"2025-12-09",0.5981,{"date":264,"score":246,"percentile":265},"2025-12-10",0.59857,{"date":267,"score":246,"percentile":268},"2025-12-11",0.59877,{"date":270,"score":246,"percentile":271},"2025-12-12",0.59894,{"date":273,"score":246,"percentile":274},"2025-12-13",0.59895,{"date":276,"score":246,"percentile":277},"2025-12-14",0.59889,{"date":279,"score":246,"percentile":280},"2025-12-15",0.59864,{"date":282,"score":246,"percentile":283},"2025-12-16",0.59888,{"date":285,"score":246,"percentile":286},"2025-12-17",0.59903,{"date":288,"score":289,"percentile":290},"2025-12-18",0.00337,0.56029,{"date":292,"score":289,"percentile":293},"2025-12-19",0.56033,{"date":295,"score":289,"percentile":296},"2025-12-20",0.56024,{"date":298,"score":289,"percentile":299},"2025-12-21",0.56002,{"date":301,"score":289,"percentile":302},"2025-12-22",0.55984,{"date":304,"score":289,"percentile":305},"2025-12-23",0.55991,{"date":307,"score":289,"percentile":308},"2025-12-24",0.55999,{"date":310,"score":289,"percentile":311},"2025-12-25",0.56047,{"date":313,"score":289,"percentile":314},"2025-12-26",0.56043,{"date":316,"score":317,"percentile":318},"2025-12-27",0.00327,0.55229,{"date":320,"score":317,"percentile":321},"2025-12-28",0.55146,{"date":323,"score":317,"percentile":324},"2025-12-29",0.55131,{"date":326,"score":317,"percentile":327},"2025-12-30",0.55124,{"date":329,"score":317,"percentile":330},"2025-12-31",0.55137,{"date":332,"score":242,"percentile":333},"2026-01-01",0.35369,{"date":335,"score":242,"percentile":336},"2026-01-02",0.35362,{"date":338,"score":242,"percentile":339},"2026-01-03",0.35348,{"date":341,"score":317,"percentile":342},"2026-01-04",0.55108,{"date":344,"score":317,"percentile":345},"2026-01-05",0.55097,{"date":347,"score":317,"percentile":348},"2026-01-06",0.55103,{"date":350,"score":317,"percentile":351},"2026-01-07",0.55129,{"date":353,"score":317,"percentile":354},"2026-01-08",0.5515,{"date":356,"score":317,"percentile":357},"2026-01-09",0.55145,{"date":359,"score":317,"percentile":360},"2026-01-10",0.55144,{"date":362,"score":317,"percentile":363},"2026-01-11",0.55122,{"date":365,"score":317,"percentile":366},"2026-01-12",0.55077,{"date":368,"score":317,"percentile":369},"2026-01-13",0.55055,{"date":371,"score":317,"percentile":372},"2026-01-14",0.55101,{"date":374,"score":317,"percentile":375},"2026-01-15",0.55105,{"date":377,"score":317,"percentile":378},"2026-01-16",0.55127,{"date":380,"score":317,"percentile":381},"2026-01-17",0.55119,{"date":383,"score":317,"percentile":384},"2026-01-18",0.55112,{"date":386,"score":317,"percentile":387},"2026-01-19",0.55102,{"date":389,"score":317,"percentile":348},"2026-01-20",{"date":391,"score":317,"percentile":392},"2026-01-21",0.55107,{"date":394,"score":317,"percentile":384},"2026-01-22",{"date":396,"score":317,"percentile":397},"2026-01-23",0.55156,{"date":399,"score":317,"percentile":400},"2026-01-24",0.5516,{"date":402,"score":317,"percentile":403},"2026-01-25",0.55123,{"date":405,"score":317,"percentile":406},"2026-01-26",0.5511,{"date":408,"score":317,"percentile":363},"2026-01-27",{"date":410,"score":317,"percentile":330},"2026-01-28",{"date":412,"score":317,"percentile":413},"2026-01-29",0.55138,{"date":415,"score":317,"percentile":321},"2026-01-30",{"date":417,"score":317,"percentile":354},"2026-01-31",{"date":419,"score":242,"percentile":420},"2026-02-01",0.35024,[422,429,439],{"source":94,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":423,"cvss_v4_0":9},{"baseScore":424,"baseSeverity":425,"vectorString":426,"impactScore":427,"exploitabilityScore":428},3.1,"LOW","CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P",2.3,4.1,{"source":89,"cvss_v2_0":430,"cvss_v3_0":9,"cvss_v3_1":435,"cvss_v4_0":9},{"baseScore":431,"baseSeverity":9,"vectorString":432,"impactScore":433,"exploitabilityScore":434},4.3,"AV:N/AC:M/Au:N/C:N/I:P/A:N",2.9,8.6,{"baseScore":87,"baseSeverity":436,"vectorString":90,"impactScore":437,"exploitabilityScore":438},"MEDIUM",4.5,7.2,{"source":95,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":440,"cvss_v4_0":9},{"baseScore":87,"baseSeverity":9,"vectorString":90,"impactScore":437,"exploitabilityScore":438},[442,453],{"ecosystem":9,"name":443,"vendor":444,"product":443,"cpe_part":445,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":446},"datatables.net","datatables","a",[447],{"version":448,"is_range":449,"range_type":450,"version_start":9,"version_start_type":9,"version_end":451,"version_end_type":452,"fixed_in":9},"lt1.11.3",true,"cpe","1.11.3","excluding",{"ecosystem":454,"name":443,"vendor":454,"product":443,"cpe_part":9,"purl_type":455,"purl_namespace":9,"purl_name":443,"source":9,"versions":456},"Npm","npm",[457],{"version":458,"is_range":449,"range_type":459,"version_start":9,"version_start_type":9,"version_end":451,"version_end_type":452,"fixed_in":9},"lt1_11_3","semver"]