Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-nhz2-v28w-gye1

Summary

Prototype Pollution in handlebars
The bootstrap-wysihtml5-rails gem includes the vendored JavaScript library 'handlebars.js'.
Versions 0.3.3.7-0.3.3.8 include handlebars 3.0.2, and versions 0.3.3.5-0.3.3.6 include handlebars 1.3.0.

Versions Affected: 0.3.3.5-0.3.3.8
Not affected: < 0.3.3.5
Fixed Versions: None

Versions of handlebars prior to 3.0.8 or 4.3.0 are vulnerable to Prototype Pollution leading to Remote Code Execution.
Templates may alter an Objects' __proto__ and __defineGetter__ properties, which may allow an attacker to execute
arbitrary code through crafted payloads.

Aliases

alias	CVE-2019-19919

alias	GHSA-w457-6q6x-cgp9

Fixed_packages

url	pkg:deb/debian/node-handlebars@3:4.5.3-1?distro=trixie
purl	pkg:deb/debian/node-handlebars@3:4.5.3-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-handlebars@3:4.5.3-1%3Fdistro=trixie

url pkg:deb/debian/node-handlebars@3:4.7.6%2B~4.1.0-2?distro=trixie

purl pkg:deb/debian/node-handlebars@3:4.7.6%2B~4.1.0-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2r9d-e4z2-ckbh

vulnerability	VCID-4e4r-qabs-cbg7

vulnerability	VCID-4sp5-ymgy-qfg4

vulnerability	VCID-81p2-vehj-hub1

vulnerability	VCID-bkew-8c9k-mbh2

vulnerability	VCID-cxf4-xmgb-aue5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-handlebars@3:4.7.6%252B~4.1.0-2%3Fdistro=trixie

url pkg:deb/debian/node-handlebars@3:4.7.7%2B~4.1.0-1?distro=trixie

purl pkg:deb/debian/node-handlebars@3:4.7.7%2B~4.1.0-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2r9d-e4z2-ckbh

vulnerability	VCID-4e4r-qabs-cbg7

vulnerability	VCID-4sp5-ymgy-qfg4

vulnerability	VCID-81p2-vehj-hub1

vulnerability	VCID-bkew-8c9k-mbh2

vulnerability	VCID-cxf4-xmgb-aue5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-handlebars@3:4.7.7%252B~4.1.0-1%3Fdistro=trixie

url	pkg:deb/debian/node-handlebars@3:4.7.9-5?distro=trixie
purl	pkg:deb/debian/node-handlebars@3:4.7.9-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-handlebars@3:4.7.9-5%3Fdistro=trixie

url pkg:npm/handlebars@3.0.8

purl pkg:npm/handlebars@3.0.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@3.0.8

url pkg:npm/handlebars@4.3.0

purl pkg:npm/handlebars@4.3.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-25sr-kapq-dbea

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@4.3.0

Affected_packages

url pkg:gem/bootstrap-wysihtml5-rails@0.3.3.6

purl pkg:gem/bootstrap-wysihtml5-rails@0.3.3.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-nhz2-v28w-gye1

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/bootstrap-wysihtml5-rails@0.3.3.6

url pkg:gem/bootstrap-wysihtml5-rails@0.3.3.7

purl pkg:gem/bootstrap-wysihtml5-rails@0.3.3.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-nhz2-v28w-gye1

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/bootstrap-wysihtml5-rails@0.3.3.7

url pkg:gem/bootstrap-wysihtml5-rails@0.3.3.5

purl pkg:gem/bootstrap-wysihtml5-rails@0.3.3.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-nhz2-v28w-gye1

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/bootstrap-wysihtml5-rails@0.3.3.5

url pkg:gem/bootstrap-wysihtml5-rails@0.3.3.8

purl pkg:gem/bootstrap-wysihtml5-rails@0.3.3.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-nhz2-v28w-gye1

resource_url http://public2.vulnerablecode.io/packages/pkg:gem/bootstrap-wysihtml5-rails@0.3.3.8

url pkg:npm/handlebars@1.0.2-beta

purl pkg:npm/handlebars@1.0.2-beta

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ee9h-dvvt-qyat

vulnerability	VCID-f1td-t6kf-wfcm

vulnerability	VCID-nhz2-v28w-gye1

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-r2g9-pje8-ykcb

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@1.0.2-beta

url pkg:npm/handlebars@1.0.4-beta

purl pkg:npm/handlebars@1.0.4-beta

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ee9h-dvvt-qyat

vulnerability	VCID-f1td-t6kf-wfcm

vulnerability	VCID-nhz2-v28w-gye1

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-r2g9-pje8-ykcb

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@1.0.4-beta

url pkg:npm/handlebars@1.0.5-beta

purl pkg:npm/handlebars@1.0.5-beta

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ee9h-dvvt-qyat

vulnerability	VCID-f1td-t6kf-wfcm

vulnerability	VCID-nhz2-v28w-gye1

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-r2g9-pje8-ykcb

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@1.0.5-beta

url pkg:npm/handlebars@1.0.6-2

purl pkg:npm/handlebars@1.0.6-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ee9h-dvvt-qyat

vulnerability	VCID-f1td-t6kf-wfcm

vulnerability	VCID-nhz2-v28w-gye1

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-r2g9-pje8-ykcb

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@1.0.6-2

url pkg:npm/handlebars@1.0.6

purl pkg:npm/handlebars@1.0.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ee9h-dvvt-qyat

vulnerability	VCID-f1td-t6kf-wfcm

vulnerability	VCID-nhz2-v28w-gye1

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-r2g9-pje8-ykcb

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@1.0.6

url pkg:npm/handlebars@1.0.7

purl pkg:npm/handlebars@1.0.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ee9h-dvvt-qyat

vulnerability	VCID-f1td-t6kf-wfcm

vulnerability	VCID-nhz2-v28w-gye1

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-r2g9-pje8-ykcb

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@1.0.7

url pkg:npm/handlebars@1.0.8

purl pkg:npm/handlebars@1.0.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ee9h-dvvt-qyat

vulnerability	VCID-f1td-t6kf-wfcm

vulnerability	VCID-nhz2-v28w-gye1

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-r2g9-pje8-ykcb

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@1.0.8

url pkg:npm/handlebars@1.0.9

purl pkg:npm/handlebars@1.0.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ee9h-dvvt-qyat

vulnerability	VCID-f1td-t6kf-wfcm

vulnerability	VCID-nhz2-v28w-gye1

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-r2g9-pje8-ykcb

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@1.0.9

url pkg:npm/handlebars@1.0.10

purl pkg:npm/handlebars@1.0.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ee9h-dvvt-qyat

vulnerability	VCID-f1td-t6kf-wfcm

vulnerability	VCID-nhz2-v28w-gye1

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-r2g9-pje8-ykcb

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@1.0.10

url pkg:npm/handlebars@1.0.11

purl pkg:npm/handlebars@1.0.11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ee9h-dvvt-qyat

vulnerability	VCID-f1td-t6kf-wfcm

vulnerability	VCID-nhz2-v28w-gye1

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-r2g9-pje8-ykcb

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@1.0.11

url pkg:npm/handlebars@1.0.12

purl pkg:npm/handlebars@1.0.12

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ee9h-dvvt-qyat

vulnerability	VCID-f1td-t6kf-wfcm

vulnerability	VCID-nhz2-v28w-gye1

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-r2g9-pje8-ykcb

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@1.0.12

url pkg:npm/handlebars@1.1.0

purl pkg:npm/handlebars@1.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ee9h-dvvt-qyat

vulnerability	VCID-f1td-t6kf-wfcm

vulnerability	VCID-nhz2-v28w-gye1

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-r2g9-pje8-ykcb

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@1.1.0

url pkg:npm/handlebars@1.1.1

purl pkg:npm/handlebars@1.1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ee9h-dvvt-qyat

vulnerability	VCID-f1td-t6kf-wfcm

vulnerability	VCID-nhz2-v28w-gye1

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-r2g9-pje8-ykcb

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@1.1.1

url pkg:npm/handlebars@1.1.2

purl pkg:npm/handlebars@1.1.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ee9h-dvvt-qyat

vulnerability	VCID-f1td-t6kf-wfcm

vulnerability	VCID-nhz2-v28w-gye1

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-r2g9-pje8-ykcb

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@1.1.2

url pkg:npm/handlebars@1.2.0

purl pkg:npm/handlebars@1.2.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ee9h-dvvt-qyat

vulnerability	VCID-f1td-t6kf-wfcm

vulnerability	VCID-nhz2-v28w-gye1

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-r2g9-pje8-ykcb

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@1.2.0

url pkg:npm/handlebars@1.2.1

purl pkg:npm/handlebars@1.2.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ee9h-dvvt-qyat

vulnerability	VCID-f1td-t6kf-wfcm

vulnerability	VCID-nhz2-v28w-gye1

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-r2g9-pje8-ykcb

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@1.2.1

url pkg:npm/handlebars@1.3.0

purl pkg:npm/handlebars@1.3.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ee9h-dvvt-qyat

vulnerability	VCID-f1td-t6kf-wfcm

vulnerability	VCID-nhz2-v28w-gye1

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-r2g9-pje8-ykcb

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@1.3.0

url pkg:npm/handlebars@2.0.0-alpha.1

purl pkg:npm/handlebars@2.0.0-alpha.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ee9h-dvvt-qyat

vulnerability	VCID-f1td-t6kf-wfcm

vulnerability	VCID-nhz2-v28w-gye1

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-r2g9-pje8-ykcb

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@2.0.0-alpha.1

url pkg:npm/handlebars@2.0.0-alpha.2

purl pkg:npm/handlebars@2.0.0-alpha.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ee9h-dvvt-qyat

vulnerability	VCID-f1td-t6kf-wfcm

vulnerability	VCID-nhz2-v28w-gye1

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-r2g9-pje8-ykcb

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@2.0.0-alpha.2

url pkg:npm/handlebars@2.0.0-alpha.3

purl pkg:npm/handlebars@2.0.0-alpha.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ee9h-dvvt-qyat

vulnerability	VCID-f1td-t6kf-wfcm

vulnerability	VCID-nhz2-v28w-gye1

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-r2g9-pje8-ykcb

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@2.0.0-alpha.3

url pkg:npm/handlebars@2.0.0-alpha.4

purl pkg:npm/handlebars@2.0.0-alpha.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ee9h-dvvt-qyat

vulnerability	VCID-f1td-t6kf-wfcm

vulnerability	VCID-nhz2-v28w-gye1

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-r2g9-pje8-ykcb

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@2.0.0-alpha.4

url pkg:npm/handlebars@2.0.0-beta.1

purl pkg:npm/handlebars@2.0.0-beta.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ee9h-dvvt-qyat

vulnerability	VCID-f1td-t6kf-wfcm

vulnerability	VCID-nhz2-v28w-gye1

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-r2g9-pje8-ykcb

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@2.0.0-beta.1

url pkg:npm/handlebars@2.0.0

purl pkg:npm/handlebars@2.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ee9h-dvvt-qyat

vulnerability	VCID-f1td-t6kf-wfcm

vulnerability	VCID-nhz2-v28w-gye1

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-r2g9-pje8-ykcb

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@2.0.0

url pkg:npm/handlebars@3.0.0

purl pkg:npm/handlebars@3.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ee9h-dvvt-qyat

vulnerability	VCID-f1td-t6kf-wfcm

vulnerability	VCID-nhz2-v28w-gye1

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-r2g9-pje8-ykcb

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@3.0.0

url pkg:npm/handlebars@3.0.1

purl pkg:npm/handlebars@3.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ee9h-dvvt-qyat

vulnerability	VCID-f1td-t6kf-wfcm

vulnerability	VCID-nhz2-v28w-gye1

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-r2g9-pje8-ykcb

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@3.0.1

url pkg:npm/handlebars@3.0.2

purl pkg:npm/handlebars@3.0.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ee9h-dvvt-qyat

vulnerability	VCID-f1td-t6kf-wfcm

vulnerability	VCID-nhz2-v28w-gye1

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-r2g9-pje8-ykcb

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@3.0.2

url pkg:npm/handlebars@3.0.3

purl pkg:npm/handlebars@3.0.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ee9h-dvvt-qyat

vulnerability	VCID-f1td-t6kf-wfcm

vulnerability	VCID-nhz2-v28w-gye1

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-r2g9-pje8-ykcb

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@3.0.3

url pkg:npm/handlebars@3.0.4

purl pkg:npm/handlebars@3.0.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-f1td-t6kf-wfcm

vulnerability	VCID-nhz2-v28w-gye1

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@3.0.4

url pkg:npm/handlebars@3.0.5

purl pkg:npm/handlebars@3.0.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-f1td-t6kf-wfcm

vulnerability	VCID-nhz2-v28w-gye1

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@3.0.5

url pkg:npm/handlebars@3.0.6

purl pkg:npm/handlebars@3.0.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-f1td-t6kf-wfcm

vulnerability	VCID-nhz2-v28w-gye1

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@3.0.6

url pkg:npm/handlebars@3.0.7

purl pkg:npm/handlebars@3.0.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-nhz2-v28w-gye1

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@3.0.7

url pkg:npm/handlebars@4.0.0

purl pkg:npm/handlebars@4.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-25sr-kapq-dbea

vulnerability	VCID-7c3a-mqkm-3ycc

vulnerability	VCID-cfg5-1ju5-73b1

vulnerability	VCID-f1td-t6kf-wfcm

vulnerability	VCID-nhz2-v28w-gye1

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@4.0.0

url pkg:npm/handlebars@4.0.1

purl pkg:npm/handlebars@4.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-25sr-kapq-dbea

vulnerability	VCID-f1td-t6kf-wfcm

vulnerability	VCID-nhz2-v28w-gye1

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@4.0.1

url pkg:npm/handlebars@4.0.2

purl pkg:npm/handlebars@4.0.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-25sr-kapq-dbea

vulnerability	VCID-f1td-t6kf-wfcm

vulnerability	VCID-nhz2-v28w-gye1

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@4.0.2

url pkg:npm/handlebars@4.0.3

purl pkg:npm/handlebars@4.0.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-25sr-kapq-dbea

vulnerability	VCID-f1td-t6kf-wfcm

vulnerability	VCID-nhz2-v28w-gye1

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@4.0.3

url pkg:npm/handlebars@4.0.4

purl pkg:npm/handlebars@4.0.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-25sr-kapq-dbea

vulnerability	VCID-f1td-t6kf-wfcm

vulnerability	VCID-nhz2-v28w-gye1

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@4.0.4

url pkg:npm/handlebars@4.0.5

purl pkg:npm/handlebars@4.0.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-25sr-kapq-dbea

vulnerability	VCID-f1td-t6kf-wfcm

vulnerability	VCID-nhz2-v28w-gye1

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@4.0.5

url pkg:npm/handlebars@4.0.6

purl pkg:npm/handlebars@4.0.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-25sr-kapq-dbea

vulnerability	VCID-f1td-t6kf-wfcm

vulnerability	VCID-nhz2-v28w-gye1

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@4.0.6

url pkg:npm/handlebars@4.0.7

purl pkg:npm/handlebars@4.0.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-25sr-kapq-dbea

vulnerability	VCID-f1td-t6kf-wfcm

vulnerability	VCID-nhz2-v28w-gye1

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@4.0.7

url pkg:npm/handlebars@4.0.8

purl pkg:npm/handlebars@4.0.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-25sr-kapq-dbea

vulnerability	VCID-f1td-t6kf-wfcm

vulnerability	VCID-nhz2-v28w-gye1

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@4.0.8

url pkg:npm/handlebars@4.0.9

purl pkg:npm/handlebars@4.0.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-25sr-kapq-dbea

vulnerability	VCID-f1td-t6kf-wfcm

vulnerability	VCID-nhz2-v28w-gye1

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@4.0.9

url pkg:npm/handlebars@4.0.10

purl pkg:npm/handlebars@4.0.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-25sr-kapq-dbea

vulnerability	VCID-f1td-t6kf-wfcm

vulnerability	VCID-nhz2-v28w-gye1

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@4.0.10

url pkg:npm/handlebars@4.0.11

purl pkg:npm/handlebars@4.0.11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-25sr-kapq-dbea

vulnerability	VCID-f1td-t6kf-wfcm

vulnerability	VCID-nhz2-v28w-gye1

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@4.0.11

url pkg:npm/handlebars@4.0.12

purl pkg:npm/handlebars@4.0.12

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-25sr-kapq-dbea

vulnerability	VCID-f1td-t6kf-wfcm

vulnerability	VCID-nhz2-v28w-gye1

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@4.0.12

url pkg:npm/handlebars@4.0.13

purl pkg:npm/handlebars@4.0.13

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-25sr-kapq-dbea

vulnerability	VCID-f1td-t6kf-wfcm

vulnerability	VCID-nhz2-v28w-gye1

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@4.0.13

url pkg:npm/handlebars@4.0.14

purl pkg:npm/handlebars@4.0.14

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-25sr-kapq-dbea

vulnerability	VCID-nhz2-v28w-gye1

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@4.0.14

url pkg:npm/handlebars@4.1.0

purl pkg:npm/handlebars@4.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-25sr-kapq-dbea

vulnerability	VCID-f1td-t6kf-wfcm

vulnerability	VCID-nhz2-v28w-gye1

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@4.1.0

url pkg:npm/handlebars@4.1.1

purl pkg:npm/handlebars@4.1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-25sr-kapq-dbea

vulnerability	VCID-f1td-t6kf-wfcm

vulnerability	VCID-nhz2-v28w-gye1

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@4.1.1

url pkg:npm/handlebars@4.1.2-0

purl pkg:npm/handlebars@4.1.2-0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-25sr-kapq-dbea

vulnerability	VCID-nhz2-v28w-gye1

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@4.1.2-0

url pkg:npm/handlebars@4.1.2

purl pkg:npm/handlebars@4.1.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-25sr-kapq-dbea

vulnerability	VCID-nhz2-v28w-gye1

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@4.1.2

url pkg:npm/handlebars@4.2.0

purl pkg:npm/handlebars@4.2.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-25sr-kapq-dbea

vulnerability	VCID-nhz2-v28w-gye1

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@4.2.0

url pkg:npm/handlebars@4.2.1

purl pkg:npm/handlebars@4.2.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-25sr-kapq-dbea

vulnerability	VCID-nhz2-v28w-gye1

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@4.2.1

url pkg:npm/handlebars@4.2.2

purl pkg:npm/handlebars@4.2.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-25sr-kapq-dbea

vulnerability	VCID-nhz2-v28w-gye1

vulnerability	VCID-q9rt-jtx1-hybx

vulnerability	VCID-s9ab-ntdt-vkgd

vulnerability	VCID-uv5v-22z9-fbfg

vulnerability	VCID-xxez-8xav-cfdz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/handlebars@4.2.2

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19919.json

reference_id

reference_type

scores

value	4.2
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19919.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-19919

reference_id

reference_type

scores

value	0.24752
scoring_system	epss
scoring_elements	0.96248
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-19919

reference_url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19919

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19919

reference_url

https://github.com/advisories/GHSA-w457-6q6x-cgp9

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements

url

https://github.com/advisories/GHSA-w457-6q6x-cgp9

reference_url

https://github.com/handlebars-lang/handlebars.js/commit/156061eb7707575293613d7fdf90e2bdaac029ee

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/handlebars-lang/handlebars.js/commit/156061eb7707575293613d7fdf90e2bdaac029ee

reference_url

https://github.com/handlebars-lang/handlebars.js/commit/90ad8d97ad2933852fb83fcc054699dc99e094db

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/handlebars-lang/handlebars.js/commit/90ad8d97ad2933852fb83fcc054699dc99e094db

reference_url

https://github.com/Nerian/bootstrap-wysihtml5-rails/blob/master/vendor/assets/javascripts/bootstrap-wysihtml5/handlebars.runtime.min.js

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/Nerian/bootstrap-wysihtml5-rails/blob/master/vendor/assets/javascripts/bootstrap-wysihtml5/handlebars.runtime.min.js

reference_url

https://github.com/Nerian/bootstrap-wysihtml5-rails/tree/master/vendor/assets/javascripts/bootstrap-wysihtml5

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/Nerian/bootstrap-wysihtml5-rails/tree/master/vendor/assets/javascripts/bootstrap-wysihtml5

reference_url

https://github.com/wycats/handlebars.js

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/wycats/handlebars.js

reference_url

https://github.com/wycats/handlebars.js/commit/2078c727c627f25d4a149962f05c1e069beb18bc

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/wycats/handlebars.js/commit/2078c727c627f25d4a149962f05c1e069beb18bc

reference_url

https://github.com/wycats/handlebars.js/issues/1558

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/wycats/handlebars.js/issues/1558

reference_url	https://www.npmjs.com/advisories/1164
reference_id
reference_type
scores
url	https://www.npmjs.com/advisories/1164

reference_url

https://www.tenable.com/security/tns-2021-14

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.tenable.com/security/tns-2021-14

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1789959
reference_id	1789959
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1789959

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-19919

reference_id

CVE-2019-19919

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-19919

reference_url

https://github.com/rubysec/ruby-advisory-db/blob/master/gems/bootstrap-wysihtml5-rails/CVE-2019-19919.yml

reference_id

CVE-2019-19919.YML

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/rubysec/ruby-advisory-db/blob/master/gems/bootstrap-wysihtml5-rails/CVE-2019-19919.yml

reference_url	https://access.redhat.com/errata/RHSA-2023:1334
reference_id	RHSA-2023:1334
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1334

Weaknesses

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

cwe_id	74
name	Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
description	The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.

cwe_id	78
name	Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
description	The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

cwe_id	1321
name	Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
description	The product receives input from an upstream component that specifies attributes that are to be initialized or updated in an object, but it does not properly control modifications of attributes of the object prototype.

cwe_id	471
name	Modification of Assumed-Immutable Data (MAID)
description	The product does not properly protect an assumed-immutable element from being modified by an attacker.

Exploits

Severity_range_score 4.2 - 10.0

Exploitability 0.5

Weighted_severity 9.0

Risk_score 4.5

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nhz2-v28w-gye1

Vulnerability Instance