Lucene search
K

5 matches found

Github Security Blog
Github Security Blog
added 2021/09/02 5:16 p.m.54 views

Insertion of Sensitive Information into Externally-Accessible File or Directory and Exposure of Sensitive Information to an Unauthorized Actor in hbs

The npm hbs package is an Express view engine wrapper for Handlebars. Depending on usage, users of hbs may be vulnerable to a file disclosure vulnerability. There is currently no patch for this vulnerability. hbs mixes pure template data with engine configuration options through the Express rende...

5.3CVSS0.8AI score0.01178EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2021/08/16 7:15 p.m.22 views

CVE-2021-32822

The npm hbs package is an Express view engine wrapper for Handlebars. Depending on usage, users of hbs may be vulnerable to a file disclosure vulnerability. There is currently no patch for this vulnerability. hbs mixes pure template data with engine configuration options through the Express rende...

5.3CVSS0.01178EPSS
Exploits1References1
Prion
Prion
added 2021/08/16 7:15 p.m.12 views

Arbitrary file deletion

The npm hbs package is an Express view engine wrapper for Handlebars. Depending on usage, users of hbs may be vulnerable to a file disclosure vulnerability. There is currently no patch for this vulnerability. hbs mixes pure template data with engine configuration options through the Express rende...

5CVSS5.3AI score0.01178EPSS
Exploits1References1
Cvelist
Cvelist
added 2021/08/16 6:45 p.m.35 views

CVE-2021-32822 File disclosure in hbs

The npm hbs package is an Express view engine wrapper for Handlebars. Depending on usage, users of hbs may be vulnerable to a file disclosure vulnerability. There is currently no patch for this vulnerability. hbs mixes pure template data with engine configuration options through the Express rende...

4CVSS5.4AI score0.01178EPSS
Exploits1References1
CVE
CVE
added 2021/08/16 6:45 p.m.70 views

CVE-2021-32822

The CVE-2021-32822 entry concerns the npm package hbs, an Express view engine wrapper for Handlebars. Affected component: hbs render flow where template data can be mixed with engine configuration options via the Express render API. Root cause is that internal configuration options can be overwri...

5.3CVSS4.9AI score0.01178EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder