VulnerableCode Package Details - pkg:npm/handlebars@4.1.2

Search for packages

Package details: pkg:npm/handlebars@4.1.2

Essentials
History (1)

purl	pkg:npm/handlebars@4.1.2

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-nd82-9gng-x3eg	Prototype Pollution in handlebars Versions of `handlebars` prior to 4.0.14 are vulnerable to Prototype Pollution. Templates may alter an Objects' prototype, thus allowing an attacker to execute arbitrary code on the server. ## Recommendation For handlebars 4.1.x upgrade to 4.1.2 or later. For handlebars 4.0.x upgrade to 4.0.14 or later.	GHSA-q42p-pg8m-cqh6

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-07-01T12:22:20.006888+00:00	GithubOSV Importer	Fixing	VCID-nd82-9gng-x3eg	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2019/06/GHSA-q42p-pg8m-cqh6/GHSA-q42p-pg8m-cqh6.json	36.1.3