Search for vulnerabilities
| Vulnerability ID | VCID-kbwm-qza1-jqfz |
| Aliases |
GHSA-f52g-6jhx-586p
|
| Summary | Denial of Service in handlebars Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. ## Recommendation Upgrade to version 4.4.5 or later. |
| Status | Published |
| Exploitability | None |
| Weighted Severity | None |
| Risk | None |
| Affected and Fixed Packages | Package Details |
| System | Score | Found at |
|---|---|---|
| cvssv3.1_qr | MODERATE | https://github.com/advisories/GHSA-f52g-6jhx-586p |
| generic_textual | MODERATE | https://www.npmjs.com/advisories/1300 |
| Reference id | Reference type | URL |
|---|---|---|
| https://www.npmjs.com/advisories/1300 | ||
| GHSA-f52g-6jhx-586p | https://github.com/advisories/GHSA-f52g-6jhx-586p |
No EPSS data available for this vulnerability.
| Date | Actor | Action | Source | VulnerableCode Version |
|---|---|---|---|---|
| 2025-07-01T12:16:36.513110+00:00 | GithubOSV Importer | Import | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2020/09/GHSA-f52g-6jhx-586p/GHSA-f52g-6jhx-586p.json | 36.1.3 |