WS-2019-0103 (Medium) detected in handlebars-4.0.12.tgz #12

mend-bolt-for-github · 2019-07-14T03:39:48Z

WS-2019-0103 - Medium Severity Vulnerability

Vulnerable Library - handlebars-4.0.12.tgz

Handlebars provides the power necessary to let you build semantic templates effectively with no frustration

Path to dependency file: /roncli.com/roncli.com/package.json

Path to vulnerable library: /roncli.com/roncli.com/node_modules/handlebars/package.json

Dependency Hierarchy:

Vulnerability Details

Handlebars.js before 4.1.0 has Remote Code Execution (RCE)

Publish Date: 2019-05-30

CVSS 2 Score Details (5.5)

Base Score Metrics not available

Suggested Fix

Type: Upgrade version

Release Date: 2019-05-30

Fix Resolution: 4.0.13

Step up your Open Source Security Game with WhiteSource here

The text was updated successfully, but these errors were encountered:

Fixes #11 and #12.

roncli · 2019-07-31T19:49:03Z

Fixed by 74d04c0.

mend-bolt-for-github bot added the security vulnerability label Jul 14, 2019

roncli added a commit that referenced this issue Jul 31, 2019

Upgrade Handlebars dependency.

74d04c0

Fixes #11 and #12.

roncli closed this as completed Jul 31, 2019