Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

4.2 release is vulnerable to CVE-2021-23369 should update to handlebars 4.7.7 #848

Closed
ghost opened this issue May 10, 2021 · 2 comments · Fixed by #855
Closed

4.2 release is vulnerable to CVE-2021-23369 should update to handlebars 4.7.7 #848

ghost opened this issue May 10, 2021 · 2 comments · Fixed by #855

Comments

@ghost
Copy link

ghost commented May 10, 2021

GHSA-f2jv-r9rf-7988
@avishekghosh017
Copy link

few other vulnerabilities
VULNDB-198882
VULNDB-217761
CVE-2021-23383

loganrosen added a commit to loganrosen/handlebars.java that referenced this issue Jun 14, 2021
@loganrosen
Upgrade to latest handlebars.js (4.7.7)
c21e68a 
Fixes jknack#848.
@loganrosen loganrosen mentioned this issue Jun 14, 2021
Merged
@symphony-youri symphony-youri mentioned this issue Jun 24, 2021
Closed
1 task
@frantuma frantuma mentioned this issue Jun 25, 2021
Closed
1 task
@benzvan benzvan mentioned this issue Sep 13, 2021
Closed
2 tasks
@benzvan
Copy link

benzvan commented Sep 13, 2021

It looks like the CI build failed because of a previous failure. Is the main branch broken?

jknack pushed a commit that referenced this issue Sep 25, 2021
@loganrosen @jknack
Upgrade to latest handlebars.js (4.7.7)
8f36cae 
Fixes #848.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Upgrade to latest handlebars.js (4.7.7) loganrosen/handlebars.java
2 participants
@benzvan @avishekghosh017