Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

WS-2019-0064

Good to know:

icon
icon

Date: January 30, 2019

Versions of handlebars prior to 4.0.14 are vulnerable to Prototype Pollution. Templates may alter an Objects' prototype, thus allowing an attacker to execute arbitrary code on the server.

Language: JS

Severity Score

Related Resources (3)

https://github.com/wycats/handlebars.js/commit/cd38583216dce3252831916323202749431c773e
https://github.com/wycats/handlebars.js/compare/v4.1.1...v4.1.2
https://www.mend.io/vulnerability-database/WS-2019-0064

Severity Score

Weakness Type (CWE)

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

CWE-1321

Top Fix

icon

Upgrade Version

Upgrade to version librenms/librenms - dev-dependabot/npm_and_yarn/axios-1.7.4;librenms/librenms - dev-analysis-GP2gvA;librenms/librenms - dev-CiscoNac;librenms/librenms - dev-ottorei-patch-1;librenms/librenms - dev-ottorei-chrony-docs;librenms/librenms - dev-refactor-discovery;librenms/librenms - 22.4.x-dev;librenms/librenms - dev-dependabot/npm_and_yarn/follow-redirects-1.14.8;librenms/librenms - 22.6.0;librenms/librenms - dev-pr12764;librenms/librenms - 201507;librenms/librenms - dev-analysis-22NN39;librenms/librenms - dev-php73;librenms/librenms - 201606;librenms/librenms - dev-dependabot/composer/composer/composer-2.1.9;librenms/librenms - dev-dependabot/npm_and_yarn/elliptic-6.5.4;librenms/librenms - dev-vlan-discovery-only;librenms/librenms - 1.38-full;evocms/evolution - dev-fix/evo-3x-184;evocms/evolution - dev-Issue24;evocms/evolution - dev-shit-and-sticks;evocms/evolution - 1.4.2;evocms/evolution - dev-users;evocms/evolution - 2.0.0-RC;evocms/evolution - dev-fix/codemirror-remove-addon-tern;evocms/evolution - dev-frozen_urls;evocms/evolution - 1.4.20;evocms/evolution - 3.1.1;evocms/evolution - 3.1.20;evocms/evolution - dev-fix/3x-refactor;evocms/evolution - no_fix;zfcampus/zf-apigility-documentation-swagger - 0.9.0;zfcampus/zf-apigility-documentation-swagger - no_fix;seax_util - 0.1.2;treo/treopim - 3.24.0;treo/treopim - 3.24.1;treo/treopim - 3.25.17-rc5;treo/treopim - 3.20.14;treo/treopim - 3.25.15-rc6;treo/treopim - no_fix;treo/treopim - 3.25.18-rc2;treo/treopim - 3.25.1-rc24;treo/treopim - 3.24.27-rc5;treo/treopim - 3.24.29-rc3;treo/treopim - 3.25.19-rc3;treo/treopim - 3.25.15-rc10;treo/treopim - 3.25.2-rc3;treo/treopim - 3.25.0-rc20;treo/treopim - 3.23.0;treo/treopim - 3.25.8-rc1;treo/treopim - foo;treo/treopim - 3.25.15-rc3;treo/treopim - 3.25.1-rc30;treo/treopim - 3.25.15-rc8;treo/treopim - 3.25.3-rc1;treo/treopim - 3.25.12-rc2;treo/treopim - 3.24.32;treo/treopim - 3.25.5-rc3;rutatiina/accountant - no_fix;tribalsystems/zenario - 7.6.41504;tribalsystems/zenario - 9.2.55826;tribalsystems/zenario - 7.5.40440;tribalsystems/zenario - 7.0.2e;tribalsystems/zenario - 8.2.46436;tribalsystems/zenario - 8.5.51340;tribalsystems/zenario - 8.1.45530;tribalsystems/zenario - 8.0.44237;tribalsystems/zenario - 42085;tribalsystems/zenario - 9.1.55143;tribalsystems/zenario - 9.0.55141;tribalsystems/zenario - 8.3.47997;tribalsystems/zenario - 8.9.55141;tribalsystems/zenario - 7.7.42682;seax_svm - 0.2.8;pharmit/swaggervel - 2.0.x-dev;zaoub/zaoub - no_fix;zaoub/zaoub - 0.1;zaoub/zaoub - dev-dependabot/npm_and_yarn/jquery-3.5.0;zaoub/zaoub - dev-dependabot/npm_and_yarn/lodash-4.17.19;20steps/bricks-rest-core - v1.0.0-beta;20steps/bricks-rest-core - v2.0.0;hasangilak/l5-swagger - 5.0;yangsuda/slimcms - 2.0.1.x-dev;yangsuda/slimcms - 2.0.0;components/handlebars.js - v3.0.8;components/handlebars.js - dev-jaylinski-patch-1;components/handlebars.js - v4.0.13;components/handlebars.js - v3.0.4;appserver-io/appserver - final;appserver-io/appserver - 1.1.27;appserver-io/appserver - 1.1.32;appserver-io/appserver - no_fix;appserver-io/appserver - 1.1.1-alpha1;davigs/swagger-lume - 2.0;dennis1804/iq-swagger - dev-dependabot/composer/illuminate/support-approx-8.16;dennis1804/iq-swagger - no_fix;rutatiina/ui - no_fix;contentasaurus/c-rex-admin - v1.0.7;contentasaurus/c-rex-admin - v1.0.1;tiderjian/think-core - v12.0.5;tiderjian/think-core - v11.13.10;tiderjian/think-core - v11.34.3;tiderjian/think-core - v13.0.0;tiderjian/think-core - v11.34.0;tiderjian/think-core - v11.30.0;tiderjian/think-core - dev-dependabot/npm_and_yarn/asset/libs/label-select/tar-4.4.19;tiderjian/think-core - dev-dependabot/npm_and_yarn/asset/libs/label-select/ajv-6.12.6;tiderjian/think-core - v12.0.8;tiderjian/think-core - v11.19.10;tiderjian/think-core - dev-dependabot/npm_and_yarn/asset/libs/label-select/ssri-6.0.2;tiderjian/think-core - v2.3.5;tiderjian/think-core - v3.1.2;tiderjian/think-core - v7.0.1;tiderjian/think-core - v11.30.4;tiderjian/think-core - v8.0.4;tiderjian/think-core - v8.0.1;tiderjian/think-core - v12.0.0;tiderjian/think-core - v11.34.7;tiderjian/think-core - v7.2.0;tiderjian/think-core - v11.13.4;tiderjian/think-core - v11.x-dev;tiderjian/think-core - v11.33.4;tiderjian/think-core - v11.13.6;tiderjian/think-core - dev-dependabot/npm_and_yarn/asset/libs/label-select/postcss-7.0.36;mreko/l5-swagger - 3.0.1;mreko/l5-swagger - 4.0.1;mreko/l5-swagger - v2.0;treolabs/treocore - 3.25.1-rc24;treolabs/treocore - 3.25.3;treolabs/treocore - 3.25.12-rc4;treolabs/treocore - 3.25.15-rc8;treolabs/treocore - 3.25.17-rc5;treolabs/treocore - 3.24.29-rc3;treolabs/treocore - 3.25.19-rc3;treolabs/treocore - 1.0.0;treolabs/treocore - 3.25.8;treolabs/treocore - 3.25.5-rc3;treolabs/treocore - 3.24.27-rc5;treolabs/treocore - 3.24.32;treolabs/treocore - 3.25.0-rc20;treolabs/treocore - 3.25.15-rc10;treolabs/treocore - 3.24.0;treolabs/treocore - 3.23.0;treolabs/treocore - no_fix;treolabs/treocore - 3.25.15-rc3;treolabs/treocore - 3.25.15-rc6;treolabs/treocore - 3.25.18-rc2;treolabs/treocore - 3.24.1;treolabs/treocore - 3.25.2-rc3;egov/vws - no_fix;magento/community-edition - 2.2.x-dev;magento/community-edition - dev-lenaorobei-patch-2;magento/community-edition - 2.2.0-RC1.1;magento/community-edition - 0.42.0-beta9;magento/community-edition - 0.42.0-beta10;magento/community-edition - dev-converted-magento-magento2-2.4.3;restler/framework - dev-master;restler/framework - 5.0.6;restler/framework - 5.07;restler/framework - 4.0.0;restler/framework - 3.0.0-RC1;davin.bao/apidoc - no_fix;cromwell - 0.30;dolibarr/dolibarr - dev-scrutinizer-patch-2;dolibarr/dolibarr - dev-scrutinizer-patch-4;dolibarr/dolibarr - 12.1.x-dev;dolibarr/dolibarr - 14.0.0;dolibarr/dolibarr - dev-revert-19608-patch-2;dolibarr/dolibarr - dev-revert-15607-12edit-extrafield-computed-multiline;kubotak-is/l5-swagger - v2.0;kubotak-is/l5-swagger - 4.0.1;kubotak-is/l5-swagger - 3.0.1;dreamfactory/app-admin - 1.0.4;dreamfactory/app-admin - no_fix;kennersoft/kennercore - 3.25.37;kennersoft/kennercore - v1.6.6;kennersoft/kennercore - 3.25.35;kennersoft/kennercore - no_fix;kennersoft/kennercore - dev-documentation-v1;dynamic/silverstripe-locator - 1.2.1;dynamic/silverstripe-locator - 1.1.1;antonio-salieri/egctweet_plain - no_fix;dreamfactory/dreamfactory - 2.1.0;dreamfactory/dreamfactory - dev-dependabot/add-v2-config-file;dreamfactory/dreamfactory - dev-feature/df-installer;evolutioncms/evolution - 1.4.17;evolutioncms/evolution - no_fix;evolutioncms/evolution - 1.4.15;evolutioncms/evolution - 1.4.1;evolutioncms/evolution - 3.1.8;evolutioncms/evolution - 1.3.0;evolutioncms/evolution - 3.1.10;evolutioncms/evolution - 3.1.6;dunglas/todomvc-bundle - no_fix;quantimodo/docs - dev-renovate/npm-path-parse-vulnerability;quantimodo/docs - dev-renovate/npm-nanoid-vulnerability;quantimodo/docs - no_fix;quantimodo/docs - dev-renovate/npm-glob-parent-vulnerability;folksyfolks/l5-swagger - 3.1.4;folksyfolks/l5-swagger - 2.1;folksyfolks/l5-swagger - dev-upgrade-to-swagger-ui-4;andriybazyuta/l4-asset-emblem - no_fix;swagger-api/swagger-ui - 3.x-dev;swagger-api/swagger-ui - dev-dependabot/github_actions/master/dependabot/fetch-metadata-2.0.0;dreadnaught/laramie - dev-feature/bulk-hook-refactor;dreadnaught/laramie - dev-dependabot/composer/guzzlehttp/psr7-1.8.5;dreadnaught/laramie - dev-dependabot/npm_and_yarn/src/trix-2.1.9;dreadnaught/laramie - dev-dependabot/npm_and_yarn/src/bulma-1.0.2;dreadnaught/laramie - dev-dependabot/composer/erusev/parsedown-1.7.2;dreadnaught/laramie - dev-main;dreadnaught/laramie - dev-dependabot/npm_and_yarn/src/bulma-1.0.3;dreadnaught/laramie - dev-dependabot/npm_and_yarn/src/tributejs-5.1.3;dreadnaught/laramie - dev-feature/add-way-to-get-underlying-filtered-query-builder;dreadnaught/laramie - dev-dependabot/npm_and_yarn/src/fortawesome/fontawesome-free-6.6.0;dreadnaught/laramie - no_fix;apex/apex - 1.2.16;apex/apex - 1.5.0;yiixwom/yii-xwom - v0.1.2;yiixwom/yii-xwom - no_fix;yiixwom/yii-xwom - 1.0.6;isobar-nz/web-console - 2.0.2;isobar-nz/web-console - 2.1.1;isobar-nz/web-console - 2.0.x-dev;arionum/node - v0.1a;cr3a7ure/core - dev-docminor;cr3a7ure/core - no_fix;cr3a7ure/core - dev-class;ramzyvirani/laravel-boilerplate - dev-snyk-fix-ad10bb3d08f682b4190aefeb23a5c3d5;ramzyvirani/laravel-boilerplate - no_fix;ramzyvirani/laravel-boilerplate - dev-snyk-fix-6118335e7ee4db4dc6929725f8b9be70;firdaushatta/l5-swagger - 5.0;firdaushatta/l5-swagger - dev-firdaushatta-patch-2;firdaushatta/l5-swagger - dev-firdaushatta-patch-1;firdaushatta/l5-swagger - dev-upgrade-to-swagger-ui-4;smskin/l5-swagger - 5.0;squareproton/bond - no_fix;neelbhanushali/laravel-apidocjs - no_fix;guitarpoet/clips-tool - dev-picture;handlebars.js - 4.1.2;jlapp/swaggervel - 2.0.x-dev;tasmaniski/zend-swagger - no_fix;siu-toba/framework - dev-support/v3.3;siu-toba/framework - dev-feature/fixApiKeysByEnv;siu-toba/framework - dev-feature/chngRestExceptions;siu-toba/framework - dev-feature/updateLibs;siu-toba/framework - v3.3.6;siu-toba/framework - dev-feature/addIdFuenteUsuarios;siu-toba/framework - dev-feature/formatoFechaConGuion;nowyouwerkn/wecommerce - dev-main;nowyouwerkn/wecommerce - 1.5;nowyouwerkn/wecommerce - dev-moon;nowyouwerkn/wecommerce - dev-satellite;nowyouwerkn/wecommerce - no_fix;gbksoft/yii2-swagger - v1.0.1;gbksoft/yii2-swagger - v1.1.0;gbksoft/yii2-swagger - v1.0.2;gbksoft/yii2-swagger - v1.0.3;gbksoft/yii2-swagger - v1.0.4;gbksoft/yii2-swagger - v1.0.0;adrexia/silverstripe-gumby-theme - 2;adaclare/server-manager - no_fix;dandisy/webcore-base - 1.0.0;dandisy/webcore-base - no_fix;kamaelkz/yii2-admin-panel - no_fix;darkaonline/l5-swagger - dev-upgrade-to-swagger-ui-4;darkaonline/l5-swagger - v2.0;darkaonline/l5-swagger - 3.0.1;wheelpros/image-generator-plus - 0.42.0-beta10;wheelpros/image-generator-plus - 0.42.0-beta9;wheelpros/image-generator-plus - 2.2.x-dev;wheelpros/image-generator-plus - 2.2.5;basalam/laravel-kendo-ui - no_fix;abs/helper-pkg - no_fix;efwplusRuntime - no_fix;spescina/mediabrowser - 3.0.0;pronto/mobilebundle - 0.1.0;pronto/mobilebundle - 2.0.1-beta1;pronto/mobilebundle - no_fix;pronto/mobilebundle - 0.2.2;sfs/admin-bundle - no_fix;sfs/admin-bundle - 1.0.0;sfs/admin-bundle - dev-feature/sf5;rich2k/l5-swagger - 5.0;shopxo/shopxo - v2.2.7;shopxo/shopxo - v2.2.5.x-dev;shopxo/shopxo - no_fix;shopxo/shopxo - v2.2.0;shopxo/shopxo - 2.1.0;shopxo/shopxo - v2.2.8.x-dev;shopxo/shopxo - v2.0.3;shopxo/shopxo - v2.2.1;luracast/restler - 2.2.0;luracast/restler - 5.07;luracast/restler - 4.0.0;luracast/restler - 5.0.6;luracast/restler - 1.0.20;luracast/restler - dev-features/proxy-api;dhawton/l5-swagger-redoc - 3.0.1;dhawton/l5-swagger-redoc - 4.0.1;dhawton/l5-swagger-redoc - v2.0;antwebes/api-social-bundle - no_fix;brt/blog-bundle - no_fix;brt/blog-bundle - 0.8.0;brt/blog-bundle - 0.8.1;brt/blog-bundle - 0.8.3.2;jnbruno/akeed - 0.0.3;jnbruno/akeed - no_fix;haotx/swagger-lume - no_fix;handlebars - 4.0.14;handlebars - 4.1.2-0;handlebars - 3.0.7;iwanli/laravel5-swagger - no_fix;mmitasch/flow4ember - no_fix;pods-framework/pods - dev-dependabot/npm_and_yarn/multi-cf87d80143;pods-framework/pods - 2.7.2;pods-framework/pods - dev-dependabot/npm_and_yarn/async-2.6.4;pods-framework/pods - dev-feature/4098-wpmu-queries;pods-framework/pods - dev-test/skc-testing-3;pods-framework/pods - dev-dependabot/npm_and_yarn/node-fetch-2.6.7;pods-framework/pods - dev-feature/numbers-support-leading-zeroes;pods-framework/pods - 2.7;pods-framework/pods - dev-feature/2.8/WPML;ci-blox/ignition-go - 1.0.0-beta.1;ci-blox/ignition-go - no_fix;jjdoor/swagger-lume - 2.0;sergeyfast/eazy-jsonrpc - no_fix;sergeyfast/eazy-jsonrpc - v1.0;mpcmf/mpcmf-web-app - no_fix;mpcmf/mpcmf-web-app - 1.0.0.x-dev;hos/hos-framework - no_fix;jagermesh/bright - v2.0.22;ant-ipc-server - no_fix;wheelpros/shipping-method-calculator - 0.42.0-beta9;wheelpros/shipping-method-calculator - 0.42.0-beta10;wheelpros/shipping-method-calculator - 2.2.5;wheelpros/shipping-method-calculator - 2.2.x-dev;latrell/swagger - 1.0.2;vegas-cmf/media - v1.1.x-dev;restaurare/ewlist - no_fix;xjryanse/admin - v0.0.1;xjryanse/admin - v0.0.145;xjryanse/admin - v0.0.148;xjryanse/admin - v0.1.15;danijelsingulatiry98/swaggergen - no_fix;poqcz/restler - 2.2.0;poqcz/restler - 4.0.0;poqcz/restler - dev-master;woldy/cms - no_fix;esandri/swagger-ui-big - dev-cbt-run-e2e;mediabet-kamaelkz/yii2-admin-panel - no_fix;MIDIator.WebClient - 1.0.105;vanderlee/swaggergen - 2.0.1;vanderlee/swaggergen - 2.0-beta-1;vanderlee/swaggergen - no_fix;fxmonster/l5-swagger - 5.0;damian-nz/l5-swagger - no_fix;damian-nz/l5-swagger - 4.0.0;damian-nz/l5-swagger - dev-master;evolution-cms-extras/doclister - no_fix;bmilesp/bootstrap_extend - 2.1.x-dev;bmilesp/bootstrap_extend - no_fix;api-platform/core - dev-sf-dev-2;api-platform/core - v2.1.0-beta.1;acosf/archersys - 1.0;openi-ict/api-builder - no_fix;tiderjian/qscmf - dev-rebuild1;tiderjian/qscmf - v2.0.0;plagtracker/api-client - no_fix;regulus/fractal - v0.4.7;digitalunited/wp-elastic-api - v0.1.4;digitalunited/wp-elastic-api - v0.1;digitalunited/wp-elastic-api - v0.1.3;digitalunited/wp-elastic-api - v0.1.2;w3yyb/phalphp - no_fix;envrin/apex - 1.0.1;envrin/apex - 1.2.2;kbrabrand/silex-swagger-ui - no_fix;opine/layout - v2.0.8;opine/layout - v2.0.2;opine/layout - v2.0.7;opine/layout - v2.0.6;opine/layout - v2.0.1;driberac/blank - no_fix;antonio-salieri/egc_tweet - no_fix;jessekoska/swagger-lume - v2.0.24;juzaweb/l5-swagger - 5.0;perfectpanel/swaggergen - no_fix;Bnsights.Mvc2 - 1.2.1.93;dandisy/laravel-generator - 1.2.7;dandisy/laravel-generator - 1.0.0;dandisy/laravel-generator - dev-dependabot/npm_and_yarn/templates/vuejs/js/eslint-4.19.1;seldatdirect/swagger-lume - no_fix;cargic/blog - no_fix;kjda/translation-bundle - no_fix;bseries/base_core - v1.3.0;bseries/base_core - no_fix;bseries/base_core - v1.0.0;bseries/base_core - v1.5.0;bseries/base_core - v1.4.0;raftx24/l5-swagger - v2.0;raftx24/l5-swagger - 3.0.1;raftx24/l5-swagger - 4.0.1;opencontent/ocwebhookserver-ls - no_fix;opencontent/ocwebhookserver-ls - dev-job-control;opencontent/ocwebhookserver-ls - 1.0.0;opencontent/ocwebhookserver-ls - 1.1.4;govtnz/swagger-ui - v1.0;smellems/wet4 - dev-master;steamuloabeaujou/api-platform - v2.1.0-beta.1;seax_scheme - no_fix;Raml.Parser - 1.0.8;opencontent/ocopendata_forms-ls - 1.6.10;opencontent/ocopendata_forms-ls - 1.5.2;opencontent/ocopendata_forms-ls - no_fix;opencontent/ocopendata_forms-ls - 1.0beta;mymdz/l5-swagger - 5.0;lithiumdev/l5-swagger - v1.0.0;za-web/octo-gallery - no_fix;osfed/l4crud - no_fix;frameworks/handlebars.js - 1.2.0;frameworks/handlebars.js - no_fix;frameworks/handlebars.js - 1.1.0;frameworks/handlebars.js - 0.1.3;osidea/eosadm - no_fix;osidea/eosadm - 0.0.2-beta.1;insidion/swagger-bundle - 1.0.0;helingfeng/l5-swagger - 5.0;flask-apispec - 0.4.0;flask-apispec - 0.7.0;nhiepphong/backend - no_fix;rodchyn/api-platform-core - v2.1.0-beta.1;superup/mobwebbundle - no_fix;imjarek/laravel-swagger - 5.0;pyntax/pyntax - dev-develop/pyntax-api-module;pyntax/pyntax - 0.9.2;allmobilize/amazeui - v1.0.0;dandisy/webcore - 1.0.0;dandisy/webcore - no_fix;dandisy/webcore - 1.0.6;vanthao03596/fortify-limitless - 1.0.2;vjeantet/silex-simple-rest-swagger - no_fix;is-iot-ipc-server - no_fix;kilyakus/yii2-template-engine - no_fix;devisephp/cms - v.2.1.0-beta.4;thinkerforthink/thinker - v1.0.0;sada/sadata-component - no_fix;pleio/pleio_rest - no_fix;keyteqlabs/keymedia-ezpublish - no_fix;keyteqlabs/keymedia-ezpublish - exceed-2.0.0-rc.3;libgraviton/swagger-ui - v1.0;esnanta/yii2-news - dev-update-news;esnanta/yii2-news - no_fix;logiks/logiks-core - no_fix;logiks/logiks-core - v3.0;logiks/logiks-core - v4.0.0;flex360/pilot - dev-dependabot/npm_and_yarn/dns-packet-1.3.4;flex360/pilot - no_fix;askatlas-ai/api-connector - dev-feature/df-installer;jessekoska/swagger-ui-lumen - no_fix;toml - 0.1.27;imikemiller/l5-swagger-redoc - 4.0.1;imikemiller/l5-swagger-redoc - 3.0.1;imikemiller/l5-swagger-redoc - v2.0;sjje/swaggervel - 2.0.x-dev;sjje/swaggervel - dev-master;parm/parm-web - no_fix;msbios/cpanel - v1.0.48;msbios/cpanel - v1.0.44;msbios/cpanel - no_fix;kizi/easyminer-easyminercenter - v2.0;kizi/easyminer-easyminercenter - no_fix;enlx/apidoc-template - 0.1.0;dreamfactory/df-swagger-ui - 0.4.0;dreamfactory/df-swagger-ui - v3.0.0;dreamfactory/df-swagger-ui - no_fix;danijelsingularity98/swaggergen - no_fix;elefant/app-products - 1.0.0;alexmaramaldo/swaggervel-2 - no_fix;rtablada/laravel-faq - 1.0.x-dev;auspice - no_fix;wheelpros/fitment-platform-api - 0.42.0-beta10;wheelpros/fitment-platform-api - 2.2.5;wheelpros/fitment-platform-api - 2.2.x-dev;wheelpros/fitment-platform-api - 0.42.0-beta9;adrexia/silverstripe-pure - no_fix;pmurkin/bootstrapi - no_fix;tractorcow/web-console - v0.9.5;dunglas/api-bundle - v2.0.5;dunglas/api-bundle - v2.0.0-rc.5;dunglas/api-bundle - v2.0.9;dunglas/api-bundle - dev-sf-dev-2;subbly/backend - no_fix;dreamfactory/df-api-docs-ui - 1.1.0;tariqul/multiauth - no_fix;kbrabrand/zf2-swagger-ui - no_fix;RapidFire.View - 1.0.35;RapidFire.View - 3.1.2.8;RapidFire.View - 2.2.2;jinsoft/laravel-swagger - no_fix;dvixi/yii2-alpaca-json - 0.9-dev;dvixi/yii2-alpaca-json - no_fix;tuupke/laravel-swagger - 2.0.0;secp256k1 - 0.6.0;microservice/raptor - no_fix;kevupton/auto-swagger-ui - v0.1.0;zulfajuniadi/php-rest-server - no_fix;g3n1us/editor - no_fix;dandisy/adminlte-templates - 1.2.2;vsmoraes/swagger-ui-bundle - no_fix;vsmoraes/swagger-ui-bundle - v0.1.2;vsmoraes/swagger-ui-bundle - v0.1.0;cal127/phpcrud - v0.1;ralphowino/swagger - no_fix;alt3/cakephp-swagger - no_fix;leaphly/leaphly-sandbox - no_fix;bluzphp/skeleton - 1.0.1;luoxiaojun1992/sf - v1.0.0;dedegunawan/my-framework - no_fix;yanev/laraadmin - no_fix;gzero/api - v0.0.1;gzero/api - v1.0.0;iramgutierrez/lumen-resource-api - no_fix;visiosoft/l5-swagger - 3.x-dev;pwptemplatepusintek - no_fix;bokeh - 0.9.0;dunglas/json-ld-api-bundle - dev-sf-dev-2;kphcdr/ppphp - 2.3.0;kphcdr/ppphp - 1.0;KarmaNodeModules - no_fix;subbly/cms - dev-packaging;SmartAdmin.UI - no_fix;jsdom - 11.11.0;dersam/carty - no_fix;elefant/cms - dev-master;fmarmo/swagger-lume - 2.0;laminas-api-tools/api-tools-documentation-swagger - 1.3.x-dev;zquintana/lara-swag - no_fix;pragmaticlinux/ember - no_fix;jacoob/vino-blog - no_fix;o2relax/laravel-shop - no_fix;lanos/yetiweb - no_fix;Handlebars.js - 4.0.0;Handlebars.js - 4.0.0;gajendrajain20/laravel-pioneer-cms - no_fix;kartik-v/yii2-widget-typeahead - no_fix;Eglober.Ics.Theme - no_fix;computerundsound/curserver - 2.2.0;computerundsound/curserver - no_fix;nehakadam/calenstyle - no_fix;centurion/app - no_fix;keeko/developer-app - v0.2;clubmaster/formextra - no_fix;clubmaster/formextra - 1.0;ea/yii2-contact-manager - no_fix;flask-restful-swagger - no_fix;pmvc-app/swagger_ui - no_fix;speedovation/laravelmart - no_fix;speedovation/laravelmart - 0.2;dingdayu/qiniupan - no_fix;ernestoponce/slimproject - no_fix;SmartTheme.UI - no_fix;superius/omnihubfonts - no_fix;connexion - 2.3.0;magetest/magento - v2.0.1.0;dwij/laraadmin - 1.0.1;codesleeve/sprockets - no_fix;iramgutierrez/laravel-resource-api - 1.0.27;activelamp/swagger-ui-bundle - v0.1.2;activelamp/swagger-ui-bundle - v0.1.0;codesleeve/l4-asset-handlebars - no_fix;riverslei/laravel-swagger - no_fix;yaangvu/swagger-lume - 2.0;xtwoend/minion-cms - no_fix;yangsuda/slimcms-public - no_fix;TRA.EServices.FormBuilder - no_fix;svgsynoptic2 - 4.1.4;mahmoodbabaei/etribes-code-challenge - no_fix;eyecatchup/restler - 0.3.0;tasmaniski/laminas-swagger - no_fix;hadeswang/jlapp-swaggervel - 2.0.x-dev;phprest/phprest-sample-heroku-app - no_fix;open-resource-manager/core - no_fix;EmberJSPackage - no_fix;EmberJS - 1.0.0;EmberJS - 2.2.0;EmberJS - 1.3.0;EmberJS - 1.0.5;Bower - no_fix;Handlebars - 100.0.0;JYM.IdentityServer.Swagger - no_fix;Exceptionless.App - no_fix;Ember.js - no_fix;RS.JS - no_fix;OpenRastaSwagger - 1.0.3.35;ng-grid - 2.0.4;C21.Core.App.Service - no_fix;Xerneas.Template - 1.0.6;C21.Core.App.Domain - no_fix;vSwashbuckle.Core - 1.0.1;Odn.Swagger.Net - no_fix;Ncapsulate.Bower - no_fix;ServiceStack.Api.Swagger - 4.5.12;ServiceStack.Api.Swagger.Signed - 4.5.12;myVisasNodeJs - no_fix;tadpole - no_fix;Moxie - 1.0.4;org.apache.camel:camel-example-swagger-xml:2.17.1;org.apache.camel:camel-example-swagger-xml:2.17.1;org.apache.camel:camel-example-swagger-xml:2.17.1;org.apache.camel:camel-example-swagger-xml:2.17.1;org.jboss.windup.reporting:windup-reporting-impl:6.3.3.Final;org.jboss.windup.reporting:windup-reporting-impl:6.3.4.Final;org.jboss.windup.reporting:windup-reporting-impl:6.3.7.Final;org.jboss.windup.reporting:windup-reporting-impl:6.3.9.Final;org.jboss.windup.reporting:windup-reporting-impl:6.3.8.Final;org.jboss.windup.reporting:windup-reporting-impl:6.3.5.Final;org.jboss.windup.reporting:windup-reporting-impl:6.1.0.Alpha1;org.jboss.windup.reporting:windup-reporting-impl:no_fix;org.jboss.windup.reporting:windup-reporting-impl:6.1.4.Final;org.jboss.windup.reporting:windup-reporting-impl:6.2.0.Alpha1;org.jboss.windup.reporting:windup-reporting-impl:6.1.10.Final;org.jboss.windup.reporting:windup-reporting-impl:6.1.8.Final;org.jboss.windup.reporting:windup-reporting-impl:6.2.5.Final;org.jboss.windup.reporting:windup-reporting-impl:6.3.0.Final;org.jboss.windup.reporting:windup-reporting-impl:6.3.2.Final;org.jboss.windup.reporting:windup-reporting-impl:6.1.3.Final;io.hawt.swagger:hawtio-swagger-ui:no_fix;io.hawt.swagger:hawtio-swagger-ui:no_fix;io.hawt.swagger:hawtio-swagger-ui:no_fix;io.hawt.swagger:hawtio-swagger-ui:no_fix;io.hawt.swagger:hawtio-swagger-ui:no_fix;io.hawt.swagger:hawtio-swagger-ui:no_fix;io.hawt.swagger:hawtio-swagger-ui:no_fix;io.hawt.swagger:hawtio-swagger-ui:no_fix;io.hawt.swagger:hawtio-swagger-ui:no_fix;io.hawt.swagger:hawtio-swagger-ui:no_fix;io.hawt.swagger:hawtio-swagger-ui:no_fix;io.hawt.swagger:hawtio-swagger-ui:no_fix;io.hawt.swagger:hawtio-swagger-ui:no_fix;io.hawt.swagger:hawtio-swagger-ui:no_fix;io.hawt.swagger:hawtio-swagger-ui:no_fix;io.hawt.swagger:hawtio-swagger-ui:no_fix;io.hawt.swagger:hawtio-swagger-ui:no_fix;io.hawt.swagger:hawtio-swagger-ui:no_fix;io.hawt.swagger:hawtio-swagger-ui:no_fix;io.hawt.swagger:hawtio-swagger-ui:no_fix;org.webjars.npm:handlebars:4.0.14;org.webjars.npm:handlebars:4.1.2;org.webjars:openui5:1.28.11;org.webjars:openui5:1.28.16;io.fabric8.quickstarts.cxf.jaxrs:spring-boot-cxf-jaxrs-xml:no_fix;org.jboss.weld.probe:weld-probe-core:2.4.2.Final;org.jboss.weld.probe:weld-probe-core:3.0.5.Final;org.jboss.weld.probe:weld-probe-core:2.4.4.Final;org.jboss.weld.probe:weld-probe-core:3.1.0.Beta1;org.jboss.weld.probe:weld-probe-core:3.0.4.Final;org.jboss.weld.probe:weld-probe-core:3.1.1.Final;org.jboss.weld.probe:weld-probe-core:2.4.8.Final;org.jboss.weld.probe:weld-probe-core:3.1.5.Final;org.jboss.weld.probe:weld-probe-core:2.3.4.Final;org.jboss.weld.probe:weld-probe-core:3.1.2.Final;org.jboss.weld.probe:weld-probe-core:3.1.4.Final;org.jboss.weld.probe:weld-probe-core:2.3.5.Final;org.jboss.weld.probe:weld-probe-core:2.3.2.Final;org.jboss.weld.probe:weld-probe-core:3.0.6.Final;org.jboss.weld.probe:weld-probe-core:2.4.3.Final;org.jboss.weld.probe:weld-probe-core:3.1.3.Final;org.apache.camel:camel-example-servlet-rest-tomcat:2.15.2;org.apache.camel:camel-example-servlet-rest-tomcat:2.15.1;org.apache.camel:camel-example-servlet-rest-tomcat:2.15.2;org.apache.camel:camel-example-servlet-rest-tomcat:2.15.2;org.apache.camel:camel-example-servlet-rest-tomcat:2.15.2;org.apache.camel:camel-example-servlet-rest-tomcat:2.15.2;org.jboss.redhat-fuse.apicurio:fuse-apicurito-generator:no_fix;org.jboss.redhat-fuse.apicurio:fuse-apicurito-generator:no_fix;org.jboss.redhat-fuse.apicurio:fuse-apicurito-generator:no_fix;org.jboss.redhat-fuse.apicurio:fuse-apicurito-generator:no_fix;org.jboss.redhat-fuse.apicurio:fuse-apicurito-generator:no_fix;org.webjars.npm:alpaca:no_fix;org.webjars.npm:handlebars-inc:no_fix;org.webjars.npm:github-com-alexwolfe-Buttons:no_fix;org.webjars.npm:swagger-tools:no_fix;org.webjars:handlebars:2.0.0-alpha.2;org.webjars:handlebars:1.0.rc.1;org.webjars:handlebars:4.0.11;org.webjars.bower:handlebars:4.0.10;org.webjars.bower:handlebars:4.0.3;org.jboss.weld.servlet:weld-servlet:2.4.0.Final;org.jboss.weld.servlet:weld-servlet:2.4.0.CR1;org.jboss.weld.servlet:weld-servlet:2.4.8.Final;org.webjars.npm:swagger-ui:3.0.2;org.webjars.npm:github-com-gitana-alpaca:no_fix;org.webjars.npm:mirador:no_fix;org.webjars.npm:apidoc:no_fix;org.webjars.bower:jsonpath-object-transform:no_fix;org.webjars.npm:bower:1.8.12;org.jboss.weld.se:weld-se:2.4.0.Final;org.jboss.weld.se:weld-se:2.4.0.CR1;org.webjars:browser-sync:no_fix;org.webjars.npm:github-com-jensoleg-swagger-ui:no_fix;org.webjars.npm:swagger-ui-cimpress:no_fix;org.webjars.npm:pouchdb-find:no_fix;org.webjars.bower:swagger-ui:3.0.2;org.webjars:swagger-ui:2.2.8;org.webjars:jel-camel:no_fix;org.webjars.npm:github-com-Echo360-swagger-ui:no_fix

Learn More

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): LOW
Privileges Required (PR): NONE
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): NONE
Integrity (I): NONE
Availability (A): HIGH

Do you need more information?

Contact Us