| Release | Version |
|---|---|
| buster | 3:4.1.0-1+deb10u3 |
| bullseye | 3:4.7.6+~4.1.0-2 |
| bookworm | 3:4.7.7+~4.1.0-1 |
| trixie | 3:4.7.7+~4.1.0-1 |
| sid | 3:4.7.7+~4.1.0-1 |
| Bug | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|
| CVE-2021-23383 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | The package handlebars before 4.7.7 are vulnerable to Prototype Pollut ... |
| Bug | Description |
|---|---|
| CVE-2021-23369 | The package handlebars before 4.7.7 are vulnerable to Remote Code Exec ... |
| CVE-2019-20922 | Handlebars before 4.4.5 allows Regular Expression Denial of Service (R ... |
| CVE-2019-20920 | Handlebars before 3.0.8 and 4.x before 4.5.3 is vulnerable to Arbitrar ... |
| CVE-2019-19919 | Versions of handlebars prior to 4.3.0 are vulnerable to Prototype Poll ... |