Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Handlebarsjs Security Vulnerabilities

cve
cve

CVE-2021-23383

The package handlebars before 4.7.7 are vulnerable to Prototype Pollution when selecting certain compiling options to compile templates coming from an untrusted...

9.8CVSS

9.2AI Score

0.033EPSS

2021-05-04 09:15 AM
124
5
cve
cve

CVE-2021-23369

The package handlebars before 4.7.7 are vulnerable to Remote Code Execution (RCE) when selecting certain compiling options to compile templates coming from an untrusted...

9.8CVSS

9.5AI Score

0.149EPSS

2021-04-12 02:15 PM
156
3
cve
cve

CVE-2019-20922

Handlebars before 4.4.5 allows Regular Expression Denial of Service (ReDoS) because of eager matching. The parser may be forced into an endless loop while processing crafted templates. This may allow attackers to exhaust system...

7.5CVSS

7.3AI Score

0.002EPSS

2020-09-30 06:15 PM
74
cve
cve

CVE-2019-20920

Handlebars before 3.0.8 and 4.x before 4.5.3 is vulnerable to Arbitrary Code Execution. The lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript. This can be used to run arbitrary code on a server processing Handlebars...

8.1CVSS

8.1AI Score

0.007EPSS

2020-09-30 06:15 PM
96