Denial of Service in handlebars

GHSA-f52g-6jhx-586p

Published Sep 3, 2020 · Modified Aug 31, 2020

Description

Affected versions of handlebars are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service.

Recommendation

Upgrade to version 4.4.5 or later.

References

WEB https://www.npmjs.com/advisories/1300

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes