pkg:Debian/node-handlebars

10 total CVEsCRITICAL4HIGH5MEDIUM1

✅ Check your installed version

All known vulnerabilities

  • CRITICAL9.8CVE-2026-33937Handlebars.js has JavaScript Injection via AST Type Confusion
    from 0
  • CRITICAL9.8CVE-2021-23383Prototype Pollution in handlebars
    from 0, < 3:4.7.6+~4.1.0-2
  • CRITICAL9.8CVE-2021-23369Remote code execution in handlebars when compiling templates
    from 0, < 3:4.7.6+~4.1.0-2
  • CRITICAL9.8CVE-2019-19919Prototype Pollution in handlebars
    from 0, < 3:4.5.3-1
  • HIGH8.2CVE-2026-33941Handlebars.js has JavaScript Injection in CLI Precompiler via Unescaped Names and Options
    from 0
  • HIGH8.1CVE-2026-33940Handlebars.js has JavaScript Injection via AST Type Confusion when passing an object as dynamic partial
    from 0
  • HIGH8.1CVE-2026-33938Handlebars.js has JavaScript Injection via AST Type Confusion by tampering @partial-block
    from 0
  • HIGH8.1CVE-2019-20920Arbitrary Code Execution in Handlebars
    from 0, < 3:4.5.3-1
  • HIGH7.5CVE-2026-33939Handlebars.js has Denial of Service via Malformed Decorator Syntax in Template Compilation
    from 0
  • MEDIUM4.7CVE-2026-33916Handlebars.js has Prototype Pollution Leading to XSS through Partial Template Injection
    from 0