Skip to main content

Handlebars

2 CVEs product

Monthly

CVE-2021-23383 npm CRITICAL POC PATCH Act Now

The package handlebars before 4.7.7 are vulnerable to Prototype Pollution when selecting certain compiling options to compile templates coming from an untrusted source. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Prototype Pollution Information Disclosure Handlebars E Series Performance Analyzer
NVD GitHub
CVSS 3.1
9.8
EPSS
4.5%
CVE-2021-23369 LIB CRITICAL POC PATCH Act Now

The package handlebars before 4.7.7 are vulnerable to Remote Code Execution (RCE) when selecting certain compiling options to compile templates coming from an untrusted source. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE Handlebars
NVD GitHub
CVSS 3.1
9.8
EPSS
7.0%
EPSS 5% CVSS 9.8
CRITICAL POC PATCH Act Now

The package handlebars before 4.7.7 are vulnerable to Prototype Pollution when selecting certain compiling options to compile templates coming from an untrusted source. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Prototype Pollution Information Disclosure Handlebars +1
NVD GitHub
EPSS 7% CVSS 9.8
CRITICAL POC PATCH Act Now

The package handlebars before 4.7.7 are vulnerable to Remote Code Execution (RCE) when selecting certain compiling options to compile templates coming from an untrusted source. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE Handlebars
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy