Source: node-handlebars Version: 3:4.0.10-5 Severity: grave Tags: security upstream
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 At https://snyk.io/vuln/SNYK-JS-HANDLEBARS-173692 this is reported: > Affected versions of this package are vulnerable to Prototype Pollution. > Templates may alter an Objects' prototype, thus allowing an attacker to > execute arbitrary code on the server. All releases of handlebars older than 4.0.13 should be affected. - Jonas -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEn+Ppw2aRpp/1PMaELHwxRsGgASEFAlxxVXoACgkQLHwxRsGg ASGoEA/+NGvVunzYs3SvvZRC8SaGuV8s3I9BolYz9w5/HA2jks61I0QPKL+NioOC Ky9+4X0nIQcsotu3eOJe3q7abbRrSdILO00RmvFsoHlHeSBYqQB+FoAG439QyNmb vzPaJ0cU2h+WujuCZxRI2kl0xcUzchHq2iEqJW2aueEuxhdOAPCrykzDWo6bL8FU mknTpLeukJ7Ownj7H3XbT8z2pFZ1Pv2sq4UsMEcu6FljGec9qWm1Ohn0qq9WQYrP a2zhQpF77QhDDUEBVP/HeQTx4In8RetM4Iim3XH93KG5j1VY8R+2pVbynbMWbk6c C6h1vm6hezmtiuJtw6p5oy5Kda1/waxFaIUfCHIF9DhdTV2ZY74MapdC2e8HAD9g iKq9Eq2P+OYMBkGRbcAvOcUQgpX4dJWihelv1DJQJWYbYCJaG+hTUd+S0cHakfLa +IdiZ3h4dVUmIuWKV1fmUhUBWnr7mHTPLe4tiIQqqD3T51zIUO1xMu953L0xprH2 UdESnJG4ySryK06SKaljtfXRz3WlsPrPGTJu2LYN9Y6xEugu+dm3heqdxnv8Ek4A P2rrPWlULbUI9Rk8lkcFiNLNeS7zzHflcp2qY02CLN8zSGkaBIVf/RKnhSO624pA lV0BTfNiEk2tGAYV8vN/TOcZQb1gQRdT0qoFgU63bQaVvDS7gig= =JfmR -----END PGP SIGNATURE-----
