Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

NPM Audit Security Issue with handlebars #185

Closed
cholz opened this issue Nov 5, 2019 · 2 comments
Closed

NPM Audit Security Issue with handlebars #185

cholz opened this issue Nov 5, 2019 · 2 comments
Labels
deps

Comments

@cholz
Copy link

cholz commented Nov 5, 2019

$ npm audit

                   === npm audit security report ===


                             Manual Review
         Some vulnerabilities require your attention to resolve

      Visit https://go.npm.me/audit-guide for additional guidance

Moderate Denial of Service

Package handlebars

Patched in >=4.4.5

Dependency of hbs

Path hbs > handlebars

More info https://nodesecurity.io/advisories/1300

found 1 moderate severity vulnerability in 1765404 scanned packages
1 vulnerability requires manual review. See the full report for details.

Kind regards..
@dougwilson
Copy link
Contributor

In progress PR: #184

@emilchristensen
Copy link

Another security audit issue with Handlebars just showed up. Should be patched in >=4.5.2

High          │ Arbitrary Code Execution
Package       │ handlebars
Patched in    │ >=4.5.2
Dependency of │ hbs
Path          │ hbs > handlebars
More info     │ https://npmjs.com/advisories/1316

@frankhale frankhale mentioned this issue Nov 26, 2019
Closed
@MaximDevoir MaximDevoir mentioned this issue Dec 2, 2019
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
deps
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@dougwilson @emilchristensen @cholz