Y1Nglamore

**Name of the Vulnerable Software and Affected Versions** swig-templates versions 2.0.4 and earlier swig versions 1.4.2 and earlier **Description** An issue allows attackers to execute arbitrary code via crafted Object.prototype anonymous function. **Recommendations** For swig-templates versions 2.0.4 and earlier, consider disabling the use of crafted Object.prototype anonymous functions until a patch is available. For swig versions 1.4.2 and earlier, consider disabling the use of crafted Object.prototype anonymous functions until a patch is available. As a temporary workaround, restrict the execution of arbitrary code via crafted Object.prototype anonymous functions in both swig-templates and swig.

**Name of the Vulnerable Software and Affected Versions** swig-templates versions 2.0.4 and earlier swig versions 1.4.2 and earlier **Description** A directory traversal issue allows attackers to read arbitrary files via the include or extends tags. This can be exploited by attackers to access sensitive information. **Recommendations** For swig-templates versions 2.0.4 and earlier, consider disabling the include or extends tags until a patch is available. For swig versions 1.4.2 and earlier, restrict access to the tags to minimize the risk of exploitation. As a temporary workaround, avoid using the include or extends tags in swig-templates and swig until the issue is resolved.