1. CVE-Search
  2. CVE-2021-23383
ID CVE-2021-23383
Summary The package handlebars before 4.7.7 are vulnerable to Prototype Pollution when selecting certain compiling options to compile templates coming from an untrusted source.
References
Vulnerable Configurations
  • cpe:2.3:a:handlebarsjs:handlebars:0.9.0:prerelease4:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:0.9.0:prerelease4:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:1.0.0:-:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:1.0.0:-:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:1.0.0:beta1:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:1.0.0:beta1:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:1.0.0:rc1:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:1.0.0:rc1:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:1.0.0:rc2:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:1.0.0:rc2:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:1.0.0:rc3:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:1.0.0:rc3:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:1.0.0:rc4:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:1.0.0:rc4:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:1.0.5:beta:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:1.0.5:beta:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:1.0.6:-:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:1.0.6:-:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:1.0.6:beta:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:1.0.6:beta:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:1.0.6-2:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:1.0.6-2:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:1.0.7:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:1.0.7:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:1.0.8:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:1.0.8:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:1.0.9:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:1.0.9:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:1.0.10:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:1.0.10:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:1.0.11:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:1.0.11:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:1.0.12:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:1.0.12:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:1.1.0:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:1.1.0:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:1.1.1:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:1.1.1:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:1.1.2:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:1.1.2:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:1.2.0:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:1.2.0:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:1.2.1:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:1.2.1:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:1.3.0:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:1.3.0:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:2.0.0:-:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:2.0.0:-:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:2.0.0:alpha1:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:2.0.0:alpha1:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:2.0.0:alpha2:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:2.0.0:alpha2:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:2.0.0:alpha3:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:2.0.0:alpha3:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:2.0.0:alpha4:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:2.0.0:alpha4:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:2.0.0:beta1:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:2.0.0:beta1:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:3.0.0:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:3.0.0:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:3.0.1:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:3.0.1:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:3.0.2:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:3.0.2:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:3.0.3:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:3.0.3:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:3.0.4:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:3.0.4:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:3.0.5:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:3.0.5:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:3.0.6:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:3.0.6:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:3.0.7:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:3.0.7:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:3.0.8:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:3.0.8:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:4.0.0:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:4.0.0:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:4.0.1:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:4.0.1:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:4.0.2:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:4.0.2:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:4.0.3:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:4.0.3:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:4.0.4:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:4.0.4:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:4.0.5:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:4.0.5:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:4.0.6:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:4.0.6:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:4.0.7:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:4.0.7:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:4.0.8:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:4.0.8:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:4.0.9:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:4.0.9:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:4.0.10:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:4.0.10:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:4.0.11:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:4.0.11:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:4.0.12:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:4.0.12:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:4.0.13:-:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:4.0.13:-:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:4.0.13:beta0:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:4.0.13:beta0:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:4.0.13-0:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:4.0.13-0:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:4.0.14:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:4.0.14:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:4.1.0:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:4.1.0:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:4.1.1:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:4.1.1:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:4.1.2:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:4.1.2:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:4.1.2-0:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:4.1.2-0:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:4.2.0:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:4.2.0:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:4.2.1:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:4.2.1:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:4.2.2:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:4.2.2:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:4.3.0:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:4.3.0:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:4.3.1:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:4.3.1:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:4.3.2:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:4.3.2:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:4.3.3:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:4.3.3:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:4.3.4:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:4.3.4:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:4.3.5:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:4.3.5:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:4.4.0:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:4.4.0:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:4.4.1:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:4.4.1:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:4.4.2:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:4.4.2:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:4.4.3:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:4.4.3:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:4.4.4:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:4.4.4:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:4.4.5:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:4.4.5:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:4.5.0:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:4.5.0:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:4.5.1:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:4.5.1:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:4.5.2:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:4.5.2:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:4.5.3:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:4.5.3:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:4.6.0:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:4.6.0:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:4.7.0:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:4.7.0:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:4.7.1:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:4.7.1:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:4.7.2:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:4.7.2:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:4.7.3:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:4.7.3:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:4.7.4:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:4.7.4:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:4.7.5:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:4.7.5:*:*:*:*:node.js:*:*
  • cpe:2.3:a:handlebarsjs:handlebars:4.7.6:*:*:*:*:node.js:*:*
    cpe:2.3:a:handlebarsjs:handlebars:4.7.6:*:*:*:*:node.js:*:*
  • cpe:2.3:a:netapp:e-series_performance_analyzer:-:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:e-series_performance_analyzer:-:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 03-12-2021 - 19:59)
Impact:
Exploitability:
CWE CWE-1321
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
Last major update 03-12-2021 - 19:59
Published 04-05-2021 - 09:15
Last modified 03-12-2021 - 19:59
Back to Top