2 matches found
CVE-2021-32820
Express-handlebars is a Handlebars view engine for Express. Express-handlebars mixes pure template data with engine configuration options through the Express render API. More specifically, the layout parameter may trigger file disclosure vulnerabilities in downstream applications. This potential...
@42mo/42mo-web-styles (>=0.0.16 <=0.0.30), @absa-subatomic/openshift-api (>=0.0.1 <=0.0.2) +771 more potentially affected by CVE-2021-32820 via express-handlebars (>=1.0.1 <=5.3.0)
express-handlebars NPM version =1.0.1, =0.0.16, =0.0.1, =2.0.1, =2.6.4, =1.0.0, =0.3.85, =1.0.5-master.20190403074739, =1.0.0-M.5a, =1.0.0-drift-sdm.20190822144852, =0.1.0-master.20191109234452, =0.1.0, =0.1.1, =0.1.0-ipcrm-custom-event.20191122150318, =0.1.15, =0.1.29-master.20190822002550,...