Lucene search
K

4 matches found

BDU FSTEC
BDU FSTEC
added 2021/09/20 12:0 a.m.4 views

The vulnerability of the Handlebars template creation tool is related to errors in code generation. This allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Handlebars template creation tool is related to errors in code generation. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and cause service failures...

9.8CVSS7.1AI score0.04506EPSS
Exploits1References5Affected Software2
OSV
OSV
added 2021/05/14 7:15 p.m.14 views

CVE-2021-32817

express-hbs is an Express handlebars template engine. express-hbs mixes pure template data with engine configuration options through the Express render API. More specifically, the layout parameter may trigger file disclosure vulnerabilities in downstream applications. This potential vulnerability...

6.8CVSS6.7AI score
Exploits0References4
Cvelist
Cvelist
added 2021/05/14 6:15 p.m.13 views

CVE-2021-32817 File disclosure in express-hbs

express-hbs is an Express handlebars template engine. express-hbs mixes pure template data with engine configuration options through the Express render API. More specifically, the layout parameter may trigger file disclosure vulnerabilities in downstream applications. This potential vulnerability...

5.4CVSS6.9AI score0.01268EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2020/09/30 12:30 p.m.43 views

CVE-2019-20920

Handlebars before 3.0.8 and 4.x before 4.5.3 is vulnerable to Arbitrary Code Execution. The lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript. This can be used to run arbitrary code on a server processing Handlebars...

8.1CVSS8.9AI score0.03193EPSS
Exploits1
Rows per page
Query Builder