VDB
DEBIAN-CVE-2021-23369
DEBIAN-CVE-2021-23369
PUBLISHED
CVSS 9.800000190734863 CRITICAL
The package handlebars before 4.7.7 are vulnerable to Remote Code Execution (RCE) when selecting certain compiling options to compile templates coming from an untrusted source.
Risk Scores
CVSS v3.1
9.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:11 | node-handlebars | 0, 0, 0 |
| Debian:13 | node-handlebars | 0, 0, 0 |
| Debian:12 | node-handlebars | 0, 0, 0 |
| Debian:14 | node-handlebars | 0, 0, 0 |
Timeline
- Apr 12, 2021 CVE Published
- Apr 28, 2026 CVE Updated