pkg:gem/handlebars-source
Type
gem
Name
handlebars-source
Known advisories, vulnerabilities and fixes for handlebars-source package.
- Repository
- https://rubygems.org/gems/handlebars-source
Critical
2
None
1
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | < 4.0.0 | RUBYSEC:HANDLEBARS-SOURCE-131671 | handlebars.js - quoteless attributes in templates can lead to XSS |
2015-08-24T00:00:00
(9 years ago) |
|||
Fixed | >= 4.0.0 | RUBYSEC:HANDLEBARS-SOURCE-131671 | handlebars.js - quoteless attributes in templates can lead to XSS |
2015-08-24T00:00:00
(9 years ago) |
|||
Affected | < 4.7.7 |
CVE-2021-23369
|
RUBYSEC:HANDLEBARS-SOURCE-2021-23369 | Remote code execution in handlebars when compiling templates | critical |
2021-04-12T00:00:00
(3 years ago) |
|
Fixed | >= 4.7.7 |
CVE-2021-23369
|
RUBYSEC:HANDLEBARS-SOURCE-2021-23369 | Remote code execution in handlebars when compiling templates | critical |
2021-04-12T00:00:00
(3 years ago) |
|
Affected | < 4.7.7 |
CVE-2021-23383
|
RUBYSEC:HANDLEBARS-SOURCE-2021-23383 | Prototype Pollution in handlebars | critical |
2021-05-04T00:00:00
(3 years ago) |
|
Fixed | >= 4.7.7 |
CVE-2021-23383
|
RUBYSEC:HANDLEBARS-SOURCE-2021-23383 | Prototype Pollution in handlebars | critical |
2021-05-04T00:00:00
(3 years ago) |