Search for packages
| purl | pkg:npm/handlebars@4.7.7 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-7nbd-n4ew-guf5 | Prototype Pollution in handlebars The package handlebars before 4.7.7 are vulnerable to Prototype Pollution when selecting certain compiling options to compile templates coming from an untrusted source. |
CVE-2021-23383
GHSA-765h-qjxv-5f44 |
| VCID-dzh5-u9af-sfdv | Remote code execution in handlebars when compiling templates The package handlebars before 4.7.7 are vulnerable to Remote Code Execution (RCE) when selecting certain compiling options to compile templates coming from an untrusted source. |
CVE-2021-23369
GHSA-f2jv-r9rf-7988 |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-07-01T12:24:07.845071+00:00 | GithubOSV Importer | Fixing | VCID-7nbd-n4ew-guf5 | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/02/GHSA-765h-qjxv-5f44/GHSA-765h-qjxv-5f44.json | 36.1.3 |
| 2025-07-01T12:19:57.653066+00:00 | GithubOSV Importer | Fixing | VCID-dzh5-u9af-sfdv | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/05/GHSA-f2jv-r9rf-7988/GHSA-f2jv-r9rf-7988.json | 36.1.3 |