Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
CVE-2025-67898
CVE-2025-67898
MJML through 4.18.0 allows mj-include directory traversal to test file existence and (in the type="css" case) read files. NOTE: this issue exists because of an incomplete fix for CVE-2020-12827.
Published Dec 15, 2025
https://github.com/mjmlio/mjml/issues/3018
CVSS Score
Medium
4.5
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
npm
mjml
0.0.1-future
npm
mjml
0.0.1
npm
mjml
0.0.2
npm
mjml
0.1.0
npm
mjml
1.0.0
npm
mjml
1.0.1
npm
mjml
1.0.2
npm
mjml
1.0.3
npm
mjml
1.0.4
npm
mjml
1.1.0
npm
mjml
1.2.0
npm
mjml
1.2.1
npm
mjml
1.3.0-beta.9
npm
mjml
1.3.0-beta3
npm
mjml
1.3.0-beta4
npm
mjml
1.3.0-beta5
npm
mjml
1.3.0-beta6
npm
mjml
1.3.0-beta7
npm
mjml
1.3.0-beta8
npm
mjml
1.3.0-beta9
npm
mjml
1.3.0-beta
npm
mjml
1.3.0
npm
mjml
1.3.1
npm
mjml
1.3.2
npm
mjml
1.3.3
npm
mjml
1.3.4-beta.1
npm
mjml
1.3.4-beta.2
npm
mjml
1.3.4-beta.3
npm
mjml
1.3.4
npm
mjml
2.0.0-beta.3
npm
mjml
2.0.0-beta.4
npm
mjml
2.0.0-beta.5
npm
mjml
2.0.0-beta.6
npm
mjml
2.0.0
npm
mjml
2.0.1
npm
mjml
2.0.2
npm
mjml
2.0.3
npm
mjml
2.1.0-beta.1
npm
mjml
2.1.0-beta.2
npm
mjml
2.1.0-beta.3
npm
mjml
2.1.0-beta.4
npm
mjml
2.1.0-beta.5
npm
mjml
2.1.0
npm
mjml
2.1.1
npm
mjml
2.1.3
npm
mjml
2.1.4-beta.1
npm
mjml
2.1.4-beta.2
npm
mjml
2.1.4
npm
mjml
2.1.5-beta.1
npm
mjml
2.2.0
1-50 of 166
CVE-2025-67898 | Components Impacted | Sonatype Guide | Sonatype Guide
