An Underscore security update has been released for Ubuntu Linux 21.04.

USN-4913-2: Underscore vulnerability

==========================================================================
Ubuntu Security Notice USN-4913-2
April 28, 2021

underscore vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 21.04

Summary:

Underscore could be made to inject arbitrary code if it received a specially
crafted input.

Software Description:
- underscore: Javascript’s functional programming helper library

Details:

USN-4913-1 fixed vulnerabilities in Underscore. This update provides
the corresponding updates for Ubuntu 21.04.

Original advisory details:

It was discovered that Underscore incorrectly handled certain inputs.
An attacker could possibly use this issue to inject arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 21.04:
libjs-underscore 1.9.1~dfsg-1ubuntu0.21.04.1
node-underscore 1.9.1~dfsg-1ubuntu0.21.04.1

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-4913-2
  https://ubuntu.com/security/notices/USN-4913-1
CVE-2021-23358

Package Information:
  https://launchpad.net/ubuntu/+source/underscore/1.9.1~dfsg-1ubuntu0.21.04.1