4 matches found
EUVD-2021-2003
Malware in sbrugna...
CVE-2021-32822
The npm hbs package is an Express view engine wrapper for Handlebars. Depending on usage, users of hbs may be vulnerable to a file disclosure vulnerability. There is currently no patch for this vulnerability. hbs mixes pure template data with engine configuration options through the Express rende...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Squirrelly
CVE-2021-32819 CVE-2021-32819 : SquirrellyJS mixes pure templa...
Remote Code Execution (RCE)
squirrelly is vulnerable to remote code execution. The vulnerability exists because of an insecure template handling, allowing overwriting of internal configuration options that can trigger remote code execution...