Description
Handlebars before 3.0.8 and 4.x before 4.5.3 is vulnerable to Arbitrary Code Execution. The lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript. This can be used to run arbitrary code on a server processing Handlebars templates or in a victim's browser (effectively serving as XSS).
A flaw was found in nodejs-handlebars, where affected versions of handlebars are vulnerable to arbitrary code execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript on the system. This issue can be used to run arbitrary code on a server processing Handlebars templates or in a victim's browser (effectively serving as Cross-Site Scripting). The highest threat from this vulnerability is to confidentiality.
Report
Red Hat Quay includes Handlebars.js as a development dependency. It does not use Handlebars.js at runtime to process templates, so it has been given a low impact rating.

Red Hat Virtualization includes Handlebars.js in two components. In ovirt-engine-ui-extensions, the version used is newer and is not affected by this flaw. In ovirt-web-ui, Handlebars.js is included as a development dependency and is not used at runtime to process templates, so it has been given a low impact rating.

Red Hat OpenShift Container Platform (OCP) 4 delivers the kibana package, which includes Handlebars.js. From OCP 4.6, the kibana package is no longer shipped and will not be fixed. The openshift4/ose-logging-kibana6 container includes Handlebars.js directly as container-first code. The vulnerable version of Handlebars.js is also included in openshift4/ose-grafana, but as the Grafana instance is in read-only mode, the configuration/dashboards cannot be modified.
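As an added example (not code from the advisory or from Red Hat), the following script flags handlebars entries in a package-lock.json that fall inside the affected ranges stated above (before 3.0.8, and 4.x before 4.5.3) and records whether each one is a development-only dependency, the distinction the report uses for its low-impact rating. The lockfile layout it reads (the lockfileVersion 2/3 "packages" map) and the sample entries are assumptions constructed for the demonstration.

```javascript
// Added example (not from the advisory): flags Handlebars versions in the
// affected ranges stated above: any release before 3.0.8, and 4.x before 4.5.3.
// Assumes package-lock.json v2/v3 layout ("packages" map); sample data is constructed.

function parseSemver(version) {
  const m = /^v?(\d+)\.(\d+)\.(\d+)/.exec(version.trim());
  if (!m) throw new Error(`unparseable version: ${version}`);
  return m.slice(1, 4).map(Number);
}

// Lexicographic compare of [major, minor, patch]; returns -1, 0 or 1.
function compareSemver(a, b) {
  for (let i = 0; i < 3; i++) {
    if (a[i] !== b[i]) return a[i] < b[i] ? -1 : 1;
  }
  return 0;
}

function isAffectedHandlebarsVersion(version) {
  const v = parseSemver(version);
  if (v[0] < 3) return true;                       // 0.x, 1.x, 2.x are before 3.0.8
  if (v[0] === 3) return compareSemver(v, [3, 0, 8]) < 0;
  if (v[0] === 4) return compareSemver(v, [4, 5, 3]) < 0;
  return false;                                    // 4.5.3 and later majors
}

// Walk a parsed package-lock.json and report every handlebars entry in an
// affected range, noting whether it is dev-only (rated low impact in the report).
function findAffectedHandlebars(lock) {
  const hits = [];
  for (const [path, entry] of Object.entries(lock.packages || {})) {
    if (!path.endsWith('node_modules/handlebars') || !entry.version) continue;
    if (isAffectedHandlebarsVersion(entry.version)) {
      hits.push({ path, version: entry.version, devOnly: entry.dev === true });
    }
  }
  return hits;
}

// Constructed sample lockfile fragment for demonstration.
const SAMPLE_LOCK = {
  lockfileVersion: 2,
  packages: {
    'node_modules/handlebars': { version: '4.1.2', dev: true },
    'node_modules/some-lib/node_modules/handlebars': { version: '4.7.7' },
  },
};

console.log(findAffectedHandlebars(SAMPLE_LOCK));
```

Run it against a real lockfile by replacing SAMPLE_LOCK with `JSON.parse(require('fs').readFileSync('package-lock.json', 'utf8'))`.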
Affected packages
| Platform | Package | State | Advisory | Release |
|---|---|---|---|---|
| OpenShift Service Mesh 1 | kiali | Not affected | | |
| OpenShift Service Mesh 1 | servicemesh-grafana | Will not fix | | |
| Red Hat Advanced Cluster Management for Kubernetes 2 | handlebars | Not affected | | |
| Red Hat OpenShift Container Platform 3.11 | kibana | Will not fix | | |
| Red Hat OpenShift Container Platform 3.11 | openshift3/grafana | Will not fix | | |
| Red Hat OpenShift Container Platform 4 | kibana | Will not fix | | |
| Red Hat OpenShift Container Platform 4 | openshift4/ose-grafana | Will not fix | | |
| Red Hat Virtualization 4 | ovirt-engine-ui-extensions | Not affected | | |
| Red Hat OpenShift Container Platform 4.6 | openshift4/ose-logging-kibana6 | Fixed | RHSA-2021:2500 | 29.06.2021 |
| Red Hat Quay 3 | quay/quay-rhel8 | Fixed | RHSA-2021:3917 | 19.10.2021 |
Additional information
CVSS3: 8.1 High