Lucene search

BIT-handlebars-2021-32820

🗓️ 06 Mar 2024 10:54:52Reported by GoogleType

osv🔗 osv.dev👁 11 Views

Express-handlebars is a view engine for Express, mixing template data with configuration. The layout parameter may trigger file disclosure vulnerabilities, restricted to files with existing extensions

Reporter	Title	Published	Views	Family All 10
Github Security Blog	Insecure template handling in Express-handlebars	10 Feb 202223:35	–	github
OSV	CVE-2021-32820	14 May 202119:15	–	osv
OSV	Insecure template handling in Express-handlebars	10 Feb 202223:35	–	osv
CVE	CVE-2021-32820	14 May 202119:15	–	cve
Veracode	Information Disclosure	17 May 202103:35	–	veracode
Nuclei	Express-handlebars - Local File Inclusion	21 Jul 202105:10	–	nuclei
Prion	Information disclosure	14 May 202119:15	–	prion
Cvelist	CVE-2021-32820 File disclosure in Express Handlebars	14 May 202118:25	–	cvelist
NVD	CVE-2021-32820	14 May 202119:15	–	nvd
IBM Security Bulletins	Security Bulletin: IBM Security SOAR is using a component with known vulnerabilities - Handlebars.js ( CVE-2019-19919, CVE-2021-32820)	16 Jul 202111:00	–	ibm

Source	Link
github	www.github.com/express-handlebars/express-handlebars/blob/78c47a235c4ad7bc2674bddd8ec2721567ed8c72/README.md
github	www.github.com/express-handlebars/express-handlebars/commit/78c47a235c4ad7bc2674bddd8ec2721567ed8c72
github	www.github.com/express-handlebars/express-handlebars/pull/163
securitylab	www.securitylab.github.com/advisories/GHSL-2021-018-express-handlebars/
npmjs	www.npmjs.com/package/express-handlebars

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

06 Mar 2024 10:52Current

8.7High risk

Vulners AI Score8.7

CVSS38.6

EPSS0.0459