Lucene search
K

5 matches found

OSV
OSV
added 2026/03/27 9:17 p.m.7 views

UBUNTU-CVE-2026-33937

Handlebars provides the power necessary to let users build semantic templates. In versions 4.0.0 through 4.7.8, Handlebars.compile accepts a pre-parsed AST object in addition to a template string. The value field of a NumberLiteral AST node is emitted directly into the generated JavaScript withou...

9.8CVSS6.1AI score0.0178EPSS
Exploits2References6
Vulnrichment
Vulnrichment
added 2026/03/27 9:3 p.m.9 views

CVE-2026-33937 Handlebars.js has JavaScript Injection via AST Type Confusion

Handlebars provides the power necessary to let users build semantic templates. In versions 4.0.0 through 4.7.8, Handlebars.compile accepts a pre-parsed AST object in addition to a template string. The value field of a NumberLiteral AST node is emitted directly into the generated JavaScript withou...

9.8CVSS6.2AI score0.0178EPSS
Exploits2References3
Debian CVE
Debian CVE
added 2026/03/27 9:3 p.m.6 views

CVE-2026-33937

Handlebars provides the power necessary to let users build semantic templates. In versions 4.0.0 through 4.7.8, Handlebars.compile accepts a pre-parsed AST object in addition to a template string. The value field of a NumberLiteral AST node is emitted directly into the generated JavaScript withou...

9.8CVSS6AI score0.0178EPSS
Exploits2
ATTACKERKB
ATTACKERKB
added 2026/03/27 9:3 p.m.7 views

CVE-2026-33937

Handlebars provides the power necessary to let users build semantic templates. In versions 4.0.0 through 4.7.8, Handlebars.compile accepts a pre-parsed AST object in addition to a template string. The value field of a NumberLiteral AST node is emitted directly into the generated JavaScript withou...

9.8CVSS6.2AI score0.0178EPSS
Exploits2References4Affected Software1
OSV
OSV
added 2022/03/28 10:9 a.m.7 views

USN-5348-1 smarty3 vulnerabilities

David Gnedt and Thomas Konrad discovered that Smarty was incorrectly sanitizing the paths present in the templates. An attacker could possibly use this use to read arbitrary files when controlling the executed template. CVE-2018-13982 It was discovered that Smarty was incorrectly sanitizing the...

9.8CVSS7.2AI score0.82316EPSS
Exploits4References7
Rows per page
Query Builder