You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Snyk Description: ## Overview handlebars is an extension to the Mustache templating language.
Affected versions of this package are vulnerable to Arbitrary Code Execution. The package's lookup helper doesn't validate templates correctly, allowing attackers to submit templates that execute arbitrary JavaScript in the system.
Remediation
Upgrade handlebars to version 4.5.3, 3.0.8 or higher.
Package Name: handlebars
Package Version: ['4.0.5']
Package Manager: npm
Target File: package.json
Severity Level: high
Snyk ID: SNYK-JS-HANDLEBARS-534478
Snyk CVE: CVE-2019-20920
Snyk CWE: CWE-94
Link to issue in Snyk: https://app.snyk.io/org/cse_rhicksiii91/project/14f822de-b806-4bd7-9ad2-767a7feebe1d
Snyk Description: ## Overview
handlebars is an extension to the Mustache templating language.
Affected versions of this package are vulnerable to Arbitrary Code Execution. The package's lookup helper doesn't validate templates correctly, allowing attackers to submit templates that execute arbitrary JavaScript in the system.
Remediation
Upgrade
handlebarsto version 4.5.3, 3.0.8 or higher.References
The text was updated successfully, but these errors were encountered: