3 matches found
CVE-2021-23369
CVE-2021-23369 affects handlebars.js prior to 4.7.7. It allows remote code execution when compiling templates from untrusted sources due to how certain compiling options are handled. The vulnerability is described in vendor advisories (e.g., IBM bulletin referencing Node.js handlebars module) and...
CVE-2021-23383
The CVE-2021-23383 issue affects the handlebars library before 4.7.7. It enables Prototype Pollution when compiling templates from an untrusted source. CVSS data indicates high/critical risk (NETWORK, no auth, no user interaction; impact on confidentiality, integrity, availability). Remediation: ...
CVE-2019-20920
Technical details about CVE-2019-20920 are not publicly available in the provided connected documents. Monitor for updates.