Описание
The package handlebars before 4.7.7 are vulnerable to Remote Code Execution (RCE) when selecting certain compiling options to compile templates coming from an untrusted source.
Ссылки
- PatchThird Party Advisory
- PatchThird Party Advisory
- Third Party Advisory
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- PatchThird Party Advisory
- PatchThird Party Advisory
- Third Party Advisory
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
EPSS
5.6 Medium
CVSS3
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
Связанные уязвимости
The package handlebars before 4.7.7 are vulnerable to Remote Code Execution (RCE) when selecting certain compiling options to compile templates coming from an untrusted source.
The package handlebars before 4.7.7 are vulnerable to Remote Code Execution (RCE) when selecting certain compiling options to compile templates coming from an untrusted source.
The package handlebars before 4.7.7 are vulnerable to Remote Code Exec ...
Remote code execution in handlebars when compiling templates
EPSS
5.6 Medium
CVSS3
9.8 Critical
CVSS3
7.5 High
CVSS2