pkg:gem/handlebars-source
Type
gem
Name
handlebars-source
Known advisories, vulnerabilities and fixes for handlebars-source package.
- Repository
- https://rubygems.org/gems/handlebars-source
Critical
2
None
1
| Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
|---|---|---|---|---|---|---|---|
| Affected | < 4.0.0 |
 RUBYSEC:HANDLEBARS-SOURCE-131671
|
handlebars.js - quoteless attributes in templates can lead to XSS |
2015-08-24T00:00:00
(9 years ago) |
|||
| Fixed | >= 4.0.0 |
RUBYSEC:HANDLEBARS-SOURCE-131671
|
handlebars.js - quoteless attributes in templates can lead to XSS |
2015-08-24T00:00:00
(9 years ago) |
|||
| Affected | < 4.7.7 |
CVE-2021-23369
|
RUBYSEC:HANDLEBARS-SOURCE-2021-23369
|
Remote code execution in handlebars when compiling templates | critical |
2021-04-12T00:00:00
(3 years ago) |
|
| Fixed | >= 4.7.7 |
CVE-2021-23369
|
RUBYSEC:HANDLEBARS-SOURCE-2021-23369
|
Remote code execution in handlebars when compiling templates | critical |
2021-04-12T00:00:00
(3 years ago) |
|
| Affected | < 4.7.7 |
CVE-2021-23383
|
RUBYSEC:HANDLEBARS-SOURCE-2021-23383
|
Prototype Pollution in handlebars | critical |
2021-05-04T00:00:00
(3 years ago) |
|
| Fixed | >= 4.7.7 |
CVE-2021-23383
|
RUBYSEC:HANDLEBARS-SOURCE-2021-23383
|
Prototype Pollution in handlebars | critical |
2021-05-04T00:00:00
(3 years ago) |