VDB

CVE-2021-23383

CVE-2021-23383 PUBLISHED

The package handlebars before 4.7.7 are vulnerable to Prototype Pollution when selecting certain compiling options to compile templates coming from an untrusted source.

EPSS 5.67% · 90.6th percentile

Risk Scores

EPSS Score
5.67%
90.6th percentile

Affected Products

VendorProductVersions
Ubuntu:25.10node-handlebars0, 3:4.7.7+~4.1.0-1
Ubuntu:20.04:LTSnode-handlebars*, 0, 3:4.1.0-1
Ubuntu:24.04:LTSnode-handlebars0, 3:4.7.7+~4.1.0-1
Ubuntu:22.04:LTSnode-handlebars0, 3:4.7.6+~4.1.0-2, 3:4.7.7+~4.1.0-1
Ubuntu:18.04:LTSnode-handlebars0, *

Exploit Intelligence

…and 51 more exploits

Timeline

  • Oct 23, 2018 PoC Published
  • May 4, 2021 EPSS Score
  • May 4, 2021 CVE Published
  • Jan 6, 2022 EPSS Score
  • Feb 4, 2022 EPSS Score
  • Mar 7, 2023 EPSS Score
  • Jul 27, 2023 EPSS Score
  • Dec 9, 2023 EPSS Score
  • Sep 16, 2024 CVE Updated
  • Mar 17, 2025 EPSS Score
  • Mar 20, 2025 EPSS Score
  • Mar 27, 2025 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›