Open mend-for-github-com[bot] opened 3 years ago
:heavy_check_mark: This issue was automatically closed by WhiteSource because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the WhiteSource inventory.
:information_source: This issue was automatically re-opened by WhiteSource because the vulnerable library in the specific branch(es) has been detected in the WhiteSource inventory.
WS-2019-0103 - Medium Severity Vulnerability
handlebars-4.0.10.min.js
Handlebars provides the power necessary to let you build semantic templates effectively with no frustration
Library home page: https://cdnjs.cloudflare.com/ajax/libs/handlebars.js/4.0.10/handlebars.min.js
Dependency Hierarchy:
handlebars-4.0.10.js
Handlebars provides the power necessary to let you build semantic templates effectively with no frustration
Library home page: https://cdnjs.cloudflare.com/ajax/libs/handlebars.js/4.0.10/handlebars.js
Dependency Hierarchy:
Found in HEAD commit: b011a55ee3bfce5d2fedf4fd780e4196d446c504
Found in base branch: gh-pages
Handlebars.js before 4.1.0 has Remote Code Execution (RCE)
Publish Date: 2019-01-30
URL: WS-2019-0103
Base Score Metrics not available
Type: Upgrade version
Origin: https://github.com/wycats/handlebars.js/commit/edc6220d51139b32c28e51641fadad59a543ae57
Release Date: 2019-05-30
Fix Resolution: 4.1.0