Information on source package node-handlebars

Available versions

ReleaseVersion
bullseye3:4.7.6+~4.1.0-2
bookworm3:4.7.7+~4.1.0-1
trixie3:4.7.7+~4.1.0-1
forky3:4.7.9-5
sid3:4.7.9-5

Open issues

BugbullseyebookwormtrixieforkysidDescription
CVE-2026-33941vulnerable (no DSA, postponed)vulnerable (no DSA)vulnerable (no DSA)fixedfixedHandlebars provides the power necessary to let users build semantic te ...
CVE-2026-33940vulnerable (no DSA, postponed)vulnerable (no DSA)vulnerable (no DSA)fixedfixedHandlebars provides the power necessary to let users build semantic te ...
CVE-2026-33939vulnerable (no DSA, postponed)vulnerable (no DSA)vulnerable (no DSA)fixedfixedHandlebars provides the power necessary to let users build semantic te ...
CVE-2026-33938vulnerable (no DSA, postponed)vulnerable (no DSA)vulnerable (no DSA)fixedfixedHandlebars provides the power necessary to let users build semantic te ...
CVE-2026-33937vulnerable (no DSA, postponed)vulnerable (no DSA)vulnerable (no DSA)fixedfixedHandlebars provides the power necessary to let users build semantic te ...
CVE-2026-33916vulnerable (no DSA, ignored)vulnerablevulnerablefixedfixedHandlebars provides the power necessary to let users build semantic te ...

Resolved issues

BugDescription
CVE-2021-23383The package handlebars before 4.7.7 are vulnerable to Prototype Pollut ...
CVE-2021-23369The package handlebars before 4.7.7 are vulnerable to Remote Code Exec ...
CVE-2019-20922Handlebars before 4.4.5 allows Regular Expression Denial of Service (R ...
CVE-2019-20920Handlebars before 3.0.8 and 4.x before 4.5.3 is vulnerable to Arbitrar ...
CVE-2019-19919Versions of handlebars prior to 4.3.0 are vulnerable to Prototype Poll ...
Search for package or bug name: Reporting problems