TIBCOSoftware/tci-flogo

WS-2019-0103 (Medium) detected in handlebars-3.0.3.tgz - autoclosed

mend-for-github-com opened this issue · 2 comments

WS-2019-0103 - Medium Severity Vulnerability

Vulnerable Library - handlebars-3.0.3.tgz

Handlebars provides the power necessary to let you build semantic templates effectively with no frustration.

Library home page: https://registry.npmjs.org/handlebars/-/handlebars-3.0.3.tgz

Dependency Hierarchy:

  • typedoc-markdown-theme-0.0.4.tgz (Root Library)
    • typedoc-0.3.12.tgz
      • handlebars-3.0.3.tgz (Vulnerable Library)

Vulnerability Details

Handlebars.js before 4.1.0 has a Remote Code Execution (RCE) vulnerability.

Publish Date: 2019-01-30

URL: WS-2019-0103

CVSS 2 Score Details (5.5)

Base Score Metrics not available

Suggested Fix

Type: Upgrade version

Origin: handlebars-lang/handlebars.js@edc6220

Release Date: 2019-05-30

Fix Resolution: 4.1.0

ℹ️ This issue was automatically closed by WhiteSource because it is a duplicate of an existing issue: #132
