CVE-2021-23383
ADVISORY - github
Summary
The package handlebars before 4.7.7 is vulnerable to Prototype Pollution when certain compiling options are selected to compile templates coming from an untrusted source.
Common Weakness Enumeration (CWE)
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
Improper Control of Generation of Code ('Code Injection')
NIST
2.2
CVSS SCORE
5.6 medium
GitHub
3.9
CVSS SCORE
9.8 critical
Debian
-
Ubuntu
3.9
CVSS SCORE
9.8 medium
Red Hat
3.9
CVSS SCORE
9.8 medium
Chainguard
CGA-2cg2-8m24-9v59
-
Chainguard
CGA-3chc-m6x4-v9gp
-
Chainguard
CGA-3h62-wh7r-4jxc
-
Chainguard
CGA-425x-2rfx-jvcp
-
Chainguard
CGA-522j-73h3-6f4m
-
Chainguard
CGA-58cq-vrv3-m5fv
-
Chainguard
CGA-8xxh-98gp-rfxf
-
Chainguard
CGA-9269-8cff-mf5w
-
Chainguard
CGA-9v8r-hxm9-v7v4
-
Chainguard
CGA-9w83-pccr-cxvw
-
Chainguard
CGA-c3r7-5r9m-rxjf
-
Chainguard
CGA-cjx3-fmgv-3rf4
-
Chainguard
CGA-g2j9-gfxv-crmh
-
Chainguard
CGA-g35w-3qjg-wrvv
-
Chainguard
CGA-g4jv-pm4p-48vf
-
Chainguard
CGA-gg8f-xq74-g2rf
-
Chainguard
CGA-gmf2-68r8-3ggf
-
Chainguard
CGA-h394-5gmp-8wfr
-
Chainguard
CGA-hhp6-g3v4-5p2c
-
Chainguard
CGA-mcxw-pf7f-cfjw
-
Chainguard
CGA-q393-w3cg-x577
-
Chainguard
CGA-q4hc-w462-c22w
-
Chainguard
CGA-qr7f-ph8q-2795
-
Chainguard
CGA-r797-c9rp-gh8w
-
Chainguard
CGA-rp6g-6jr6-7r2f
-
Chainguard
CGA-v5q5-fm69-53pm
-
Chainguard
CGA-vg6w-w8vq-crf5
-
Chainguard
CGA-vpg3-h923-px5f
-
Chainguard
CGA-xcxc-g9r2-wfqv
-
Chainguard
CGA-xpjq-7545-x4jr
-
intheWild
-
-