Lucene search
K

4 matches found

OSV
OSV
added 2026/03/27 9:3 p.m.9 views

CVE-2026-33937 Handlebars.js has JavaScript Injection via AST Type Confusion

Handlebars provides the power necessary to let users build semantic templates. In versions 4.0.0 through 4.7.8, Handlebars.compile accepts a pre-parsed AST object in addition to a template string. The value field of a NumberLiteral AST node is emitted directly into the generated JavaScript withou...

9.8CVSS6.2AI score0.0178EPSS
Exploits2References10
Snyk
Snyk
added 2026/03/27 6:19 p.m.4 views

Access of Resource Using Incompatible Type ('Type Confusion')

Overview org.webjars.npm:handlebars is an extension to the Mustache templating language. Affected versions of this package are vulnerable to Access of Resource Using Incompatible Type 'Type Confusion' via the compile function. An attacker can execute arbitrary code by supplying a crafted Abstract...

9.8CVSS6.1AI score0.0178EPSS
Exploits2References4
Github Security Blog
Github Security Blog
added 2026/03/27 6:19 p.m.38 views

Handlebars.js has JavaScript Injection via AST Type Confusion

Summary Handlebars.compile accepts a pre-parsed AST object in addition to a template string. The value field of a NumberLiteral AST node is emitted directly into the generated JavaScript without quoting or sanitization. An attacker who can supply a crafted AST to compile can therefore inject and...

9.8CVSS6.2AI score0.0178EPSS
Exploits2References5Affected Software1
OSV
OSV
added 2026/03/27 6:19 p.m.2 views

GHSA-2W6W-674Q-4C4Q Handlebars.js has JavaScript Injection via AST Type Confusion

Summary Handlebars.compile accepts a pre-parsed AST object in addition to a template string. The value field of a NumberLiteral AST node is emitted directly into the generated JavaScript without quoting or sanitization. An attacker who can supply a crafted AST to compile can therefore inject and...

9.8CVSS6.2AI score0.0178EPSS
Exploits2References5
Rows per page
Query Builder