Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

WS-2020-0450

Good to know:

icon
icon

Date: January 9, 2020

Handlebars before 4.6.0 vulnerable to Prototype Pollution. Prototype access to the template engine allows for potential code execution, which may lead to Denial Of Service (DoS).

Language: JS

Severity Score

Related Resources (2)

https://github.com/handlebars-lang/handlebars.js/commit/33a3b46bc205f768f8edbc67241c68591fe3472c
https://www.mend.io/vulnerability-database/WS-2020-0450

Severity Score

Weakness Type (CWE)

Uncontrolled Resource Consumption

CWE-400

Top Fix

icon

Upgrade Version

Upgrade to version tiderjian/qscmf - v2.0.0;tiderjian/qscmf - dev-rebuild1;tasmaniski/laminas-swagger - no_fix;vsmoraes/swagger-ui-bundle - no_fix;vsmoraes/swagger-ui-bundle - v0.1.2;vsmoraes/swagger-ui-bundle - v0.1.0;dandisy/laravel-generator - dev-dependabot/npm_and_yarn/templates/vuejs/js/eslint-4.19.1;dandisy/laravel-generator - 1.2.7;dandisy/laravel-generator - 1.0.0;dolibarr/dolibarr - 14.0.0;dolibarr/dolibarr - 12.1.x-dev;dolibarr/dolibarr - dev-revert-19608-patch-2;dolibarr/dolibarr - dev-revert-15607-12edit-extrafield-computed-multiline;dolibarr/dolibarr - dev-scrutinizer-patch-4;dolibarr/dolibarr - dev-scrutinizer-patch-2;cal127/phpcrud - v0.1;librenms/librenms - 22.6.0;librenms/librenms - dev-dependabot/npm_and_yarn/follow-redirects-1.14.8;librenms/librenms - dev-vlan-discovery-only;librenms/librenms - dev-analysis-22NN39;librenms/librenms - dev-dependabot/composer/composer/composer-2.1.9;librenms/librenms - 201606;librenms/librenms - dev-ottorei-patch-1;librenms/librenms - dev-ottorei-chrony-docs;librenms/librenms - dev-pr12764;librenms/librenms - dev-refactor-discovery;librenms/librenms - 1.38-full;librenms/librenms - dev-dependabot/npm_and_yarn/elliptic-6.5.4;librenms/librenms - 22.4.x-dev;librenms/librenms - dev-php73;librenms/librenms - 201507;librenms/librenms - dev-analysis-GP2gvA;librenms/librenms - dev-CiscoNac;librenms/librenms - dev-dependabot/npm_and_yarn/axios-1.7.4;eyecatchup/restler - 0.3.0;phprest/phprest-sample-heroku-app - no_fix;tribalsystems/zenario - 7.7.42682;tribalsystems/zenario - 9.1.55143;tribalsystems/zenario - 8.3.47997;tribalsystems/zenario - 7.0.2e;tribalsystems/zenario - 9.0.55141;tribalsystems/zenario - 8.2.46436;tribalsystems/zenario - 8.1.45530;tribalsystems/zenario - 8.9.55141;tribalsystems/zenario - 7.6.41504;tribalsystems/zenario - 42085;tribalsystems/zenario - 9.2.55826;tribalsystems/zenario - 7.5.40440;tribalsystems/zenario - 8.5.51340;tribalsystems/zenario - 8.0.44237;shopxo/shopxo - v2.2.8.x-dev;shopxo/shopxo - v2.0.3;shopxo/shopxo - no_fix;shopxo/shopxo - v2.2.0;shopxo/shopxo - v2.2.7;shopxo/shopxo - v2.2.5.x-dev;shopxo/shopxo - 2.1.0;shopxo/shopxo - v2.2.1;frameworks/handlebars.js - 1.2.0;frameworks/handlebars.js - 1.1.0;frameworks/handlebars.js - no_fix;frameworks/handlebars.js - 0.1.3;KarmaNodeModules - no_fix;xjryanse/admin - v0.1.15;xjryanse/admin - v0.0.145;xjryanse/admin - v0.0.1;xjryanse/admin - v0.0.148;msbios/cpanel - no_fix;msbios/cpanel - v1.0.44;msbios/cpanel - v1.0.48;dwij/laraadmin - 1.0.1;insidion/swagger-bundle - 1.0.0;yangsuda/slimcms-public - no_fix;digitalunited/wp-elastic-api - v0.1.4;digitalunited/wp-elastic-api - v0.1.3;digitalunited/wp-elastic-api - v0.1;digitalunited/wp-elastic-api - v0.1.2;treolabs/treocore - 3.24.0;treolabs/treocore - 3.25.2-rc3;treolabs/treocore - 3.25.15-rc10;treolabs/treocore - 3.24.1;treolabs/treocore - 3.25.17-rc5;treolabs/treocore - no_fix;treolabs/treocore - 3.25.18-rc2;treolabs/treocore - 3.25.12-rc4;treolabs/treocore - 3.25.15-rc6;treolabs/treocore - 3.25.19-rc3;treolabs/treocore - 3.25.0-rc20;treolabs/treocore - 3.24.27-rc5;treolabs/treocore - 3.25.5-rc3;treolabs/treocore - 3.25.1-rc24;treolabs/treocore - 3.25.8;treolabs/treocore - 3.24.29-rc3;treolabs/treocore - 1.0.0;treolabs/treocore - 3.25.15-rc8;treolabs/treocore - 3.25.3;treolabs/treocore - 3.24.32;treolabs/treocore - 3.23.0;treolabs/treocore - 3.25.15-rc3;computerundsound/curserver - no_fix;computerundsound/curserver - 2.2.0;dunglas/api-bundle - v2.0.0-rc.5;dunglas/api-bundle - v2.0.5;dunglas/api-bundle - v2.0.9;dunglas/api-bundle - dev-sf-dev-2;jsdom - 11.11.0;evolutioncms/evolution - 3.1.6;evolutioncms/evolution - no_fix;evolutioncms/evolution - 1.3.0;evolutioncms/evolution - 1.4.15;evolutioncms/evolution - 3.1.8;evolutioncms/evolution - 1.4.17;evolutioncms/evolution - 1.4.1;evolutioncms/evolution - 3.1.10;dedegunawan/my-framework - no_fix;pods-framework/pods - dev-feature/numbers-support-leading-zeroes;pods-framework/pods - dev-dependabot/npm_and_yarn/multi-cf87d80143;pods-framework/pods - dev-feature/2.8/WPML;pods-framework/pods - dev-test/skc-testing-3;pods-framework/pods - 2.7.2;pods-framework/pods - 2.7;pods-framework/pods - dev-dependabot/npm_and_yarn/async-2.6.4;pods-framework/pods - dev-dependabot/npm_and_yarn/node-fetch-2.6.7;pods-framework/pods - dev-feature/4098-wpmu-queries;dunglas/json-ld-api-bundle - dev-sf-dev-2;tiderjian/think-core - v7.2.0;tiderjian/think-core - v11.13.6;tiderjian/think-core - v11.19.10;tiderjian/think-core - v11.33.4;tiderjian/think-core - v11.30.0;tiderjian/think-core - v11.34.7;tiderjian/think-core - v12.0.0;tiderjian/think-core - v7.0.1;tiderjian/think-core - v12.0.5;tiderjian/think-core - v11.30.4;tiderjian/think-core - v8.0.1;tiderjian/think-core - v2.3.5;tiderjian/think-core - v12.0.8;tiderjian/think-core - v13.0.0;tiderjian/think-core - v3.1.2;tiderjian/think-core - dev-dependabot/npm_and_yarn/asset/libs/label-select/ssri-6.0.2;tiderjian/think-core - dev-dependabot/npm_and_yarn/asset/libs/label-select/ajv-6.12.6;tiderjian/think-core - v11.34.3;tiderjian/think-core - v11.x-dev;tiderjian/think-core - v11.13.4;tiderjian/think-core - v11.34.0;tiderjian/think-core - v11.13.10;tiderjian/think-core - dev-dependabot/npm_and_yarn/asset/libs/label-select/tar-4.4.19;tiderjian/think-core - v8.0.4;tiderjian/think-core - dev-dependabot/npm_and_yarn/asset/libs/label-select/postcss-7.0.36;vanderlee/swaggergen - no_fix;vanderlee/swaggergen - 2.0.1;vanderlee/swaggergen - 2.0-beta-1;wheelpros/fitment-platform-api - 2.2.5;wheelpros/fitment-platform-api - 2.2.x-dev;wheelpros/fitment-platform-api - 0.42.0-beta10;wheelpros/fitment-platform-api - 0.42.0-beta9;treo/treopim - 3.25.1-rc30;treo/treopim - 3.24.32;treo/treopim - 3.25.15-rc3;treo/treopim - 3.25.18-rc2;treo/treopim - 3.25.8-rc1;treo/treopim - 3.24.27-rc5;treo/treopim - 3.24.1;treo/treopim - foo;treo/treopim - no_fix;treo/treopim - 3.25.0-rc20;treo/treopim - 3.25.15-rc6;treo/treopim - 3.25.12-rc2;treo/treopim - 3.25.19-rc3;treo/treopim - 3.23.0;treo/treopim - 3.25.2-rc3;treo/treopim - 3.24.29-rc3;treo/treopim - 3.25.17-rc5;treo/treopim - 3.20.14;treo/treopim - 3.25.3-rc1;treo/treopim - 3.25.15-rc8;treo/treopim - 3.24.0;treo/treopim - 3.25.15-rc10;treo/treopim - 3.25.1-rc24;treo/treopim - 3.25.5-rc3;damian-nz/l5-swagger - no_fix;damian-nz/l5-swagger - 4.0.0;damian-nz/l5-swagger - dev-master;ralphowino/swagger - no_fix;luracast/restler - dev-features/proxy-api;luracast/restler - 5.0.6;luracast/restler - 5.07;luracast/restler - 2.2.0;luracast/restler - 4.0.0;luracast/restler - 1.0.20;kizi/easyminer-easyminercenter - no_fix;kizi/easyminer-easyminercenter - v2.0;dreamfactory/dreamfactory - dev-dependabot/add-v2-config-file;dreamfactory/dreamfactory - dev-feature/df-installer;dreamfactory/dreamfactory - 2.1.0;dreadnaught/laramie - dev-main;dreadnaught/laramie - dev-dependabot/composer/erusev/parsedown-1.7.2;dreadnaught/laramie - dev-dependabot/npm_and_yarn/src/bulma-1.0.3;dreadnaught/laramie - dev-feature/bulk-hook-refactor;dreadnaught/laramie - no_fix;dreadnaught/laramie - dev-dependabot/npm_and_yarn/src/trix-2.1.9;dreadnaught/laramie - dev-dependabot/npm_and_yarn/src/tributejs-5.1.3;dreadnaught/laramie - dev-dependabot/npm_and_yarn/src/bulma-1.0.2;dreadnaught/laramie - dev-dependabot/composer/guzzlehttp/psr7-1.8.5;dreadnaught/laramie - dev-feature/add-way-to-get-underlying-filtered-query-builder;dreadnaught/laramie - dev-dependabot/npm_and_yarn/src/fortawesome/fontawesome-free-6.6.0;logiks/logiks-core - no_fix;logiks/logiks-core - v4.0.0;logiks/logiks-core - v3.0;pwptemplatepusintek - no_fix;leaphly/leaphly-sandbox - no_fix;evocms/evolution - 3.1.20;evocms/evolution - dev-users;evocms/evolution - 3.1.1;evocms/evolution - dev-frozen_urls;evocms/evolution - dev-fix/codemirror-remove-addon-tern;evocms/evolution - 1.4.20;evocms/evolution - 2.0.0-RC;evocms/evolution - dev-fix/evo-3x-184;evocms/evolution - dev-shit-and-sticks;evocms/evolution - no_fix;evocms/evolution - dev-Issue24;evocms/evolution - 1.4.2;evocms/evolution - dev-fix/3x-refactor;20steps/bricks-rest-core - v2.0.0;20steps/bricks-rest-core - v1.0.0-beta;kilyakus/yii2-template-engine - no_fix;bseries/base_core - v1.0.0;bseries/base_core - no_fix;bseries/base_core - v1.3.0;bseries/base_core - v1.4.0;bseries/base_core - v1.5.0;connexion - 2.3.0;dersam/carty - no_fix;ng-grid - 2.0.4;gbksoft/yii2-swagger - v1.0.4;gbksoft/yii2-swagger - v1.1.0;gbksoft/yii2-swagger - v1.0.1;gbksoft/yii2-swagger - v1.0.2;gbksoft/yii2-swagger - v1.0.0;gbksoft/yii2-swagger - v1.0.3;kphcdr/ppphp - 2.3.0;kphcdr/ppphp - 1.0;steamuloabeaujou/api-platform - v2.1.0-beta.1;components/handlebars.js - v4.0.13;components/handlebars.js - v4.6.0;components/handlebars.js - dev-jaylinski-patch-1;components/handlebars.js - v3.0.8;components/handlebars.js - v4.2.1;components/handlebars.js - v3.0.4;restler/framework - 5.0.6;restler/framework - 4.0.0;restler/framework - 5.07;restler/framework - 3.0.0-RC1;restler/framework - dev-master;bokeh - 0.9.0;imikemiller/l5-swagger-redoc - v2.0;imikemiller/l5-swagger-redoc - 4.0.1;imikemiller/l5-swagger-redoc - 3.0.1;evolution-cms-extras/doclister - no_fix;siu-toba/framework - dev-feature/addIdFuenteUsuarios;siu-toba/framework - dev-feature/updateLibs;siu-toba/framework - v3.3.6;siu-toba/framework - dev-feature/fixApiKeysByEnv;siu-toba/framework - dev-feature/chngRestExceptions;siu-toba/framework - dev-support/v3.3;siu-toba/framework - dev-feature/formatoFechaConGuion;yiixwom/yii-xwom - 1.0.6;yiixwom/yii-xwom - no_fix;yiixwom/yii-xwom - v0.1.2;vegas-cmf/media - v1.1.x-dev;pragmaticlinux/ember - no_fix;nowyouwerkn/wecommerce - dev-satellite;nowyouwerkn/wecommerce - 1.5;nowyouwerkn/wecommerce - dev-moon;nowyouwerkn/wecommerce - dev-main;nowyouwerkn/wecommerce - no_fix;openi-ict/api-builder - no_fix;perfectpanel/swaggergen - no_fix;jupyterlab-nvdashboard - 0.3.0;raftx24/l5-swagger - 3.0.1;raftx24/l5-swagger - v2.0;raftx24/l5-swagger - 4.0.1;jinsoft/laravel-swagger - no_fix;lanos/yetiweb - no_fix;flex360/pilot - no_fix;flex360/pilot - dev-dependabot/npm_and_yarn/dns-packet-1.3.4;elefant/app-products - 1.0.0;regulus/fractal - v0.4.7;subbly/cms - dev-packaging;kennersoft/kennercore - 3.25.35;kennersoft/kennercore - v1.6.6;kennersoft/kennercore - no_fix;kennersoft/kennercore - 3.25.37;kennersoft/kennercore - dev-documentation-v1;kubotak-is/l5-swagger - 3.0.1;kubotak-is/l5-swagger - v2.0;kubotak-is/l5-swagger - 4.0.1;kevupton/auto-swagger-ui - v0.1.0;secp256k1 - 0.6.0;tuupke/laravel-swagger - 2.0.0;subbly/backend - no_fix;appserver-io/appserver - 1.1.27;appserver-io/appserver - no_fix;appserver-io/appserver - 1.1.32;appserver-io/appserver - final;appserver-io/appserver - 1.1.1-alpha1;mediabet-kamaelkz/yii2-admin-panel - no_fix;toml - 0.1.27;microservice/raptor - no_fix;opencontent/ocopendata_forms-ls - no_fix;opencontent/ocopendata_forms-ls - 1.5.2;opencontent/ocopendata_forms-ls - 1.6.10;opencontent/ocopendata_forms-ls - 1.0beta;sjje/swaggervel - dev-master;sjje/swaggervel - 2.0.x-dev;dingdayu/qiniupan - no_fix;tariqul/multiauth - no_fix;EmberJS - 2.2.0;EmberJS - 1.3.0;EmberJS - 1.0.0;EmberJS - 1.0.5;poqcz/restler - dev-master;poqcz/restler - 4.0.0;poqcz/restler - 2.2.0;wheelpros/shipping-method-calculator - 0.42.0-beta10;wheelpros/shipping-method-calculator - 2.2.5;wheelpros/shipping-method-calculator - 0.42.0-beta9;wheelpros/shipping-method-calculator - 2.2.x-dev;enlx/apidoc-template - 0.1.0;dreamfactory/df-api-docs-ui - 1.1.0;antonio-salieri/egc_tweet - no_fix;MIDIator.WebClient - 1.0.105;sergeyfast/eazy-jsonrpc - no_fix;sergeyfast/eazy-jsonrpc - v1.0;zaoub/zaoub - 0.1;zaoub/zaoub - no_fix;zaoub/zaoub - dev-dependabot/npm_and_yarn/jquery-3.5.0;zaoub/zaoub - dev-dependabot/npm_and_yarn/lodash-4.17.19;apex/apex - 1.5.0;apex/apex - 1.2.16;alt3/cakephp-swagger - no_fix;adaclare/server-manager - no_fix;nehakadam/calenstyle - no_fix;dreamfactory/df-swagger-ui - 0.4.0;dreamfactory/df-swagger-ui - v3.0.0;dreamfactory/df-swagger-ui - no_fix;plagtracker/api-client - no_fix;adrexia/silverstripe-gumby-theme - 2;keeko/developer-app - v0.2;jagermesh/bright - 2.0.102;jagermesh/bright - v2.0.26;jagermesh/bright - v2.0.0;jagermesh/bright - dev-dependabot/composer/phpseclib/phpseclib-tw-2or-tw-3;adrexia/silverstripe-pure - no_fix;handlebars.js - no_fix;esandri/swagger-ui-big - dev-cbt-run-e2e;rtablada/laravel-faq - 1.0.x-dev;dhawton/l5-swagger-redoc - v2.0;dhawton/l5-swagger-redoc - 4.0.1;dhawton/l5-swagger-redoc - 3.0.1;dandisy/adminlte-templates - 1.2.2;superup/mobwebbundle - no_fix;iramgutierrez/lumen-resource-api - no_fix;pronto/mobilebundle - 0.1.0;pronto/mobilebundle - no_fix;pronto/mobilebundle - 0.2.2;pronto/mobilebundle - 2.0.1-beta1;contentasaurus/c-rex-admin - v1.0.1;contentasaurus/c-rex-admin - v1.0.7;ant-ipc-server - no_fix;ant-ipc-server - 2.4.1;jjdoor/swagger-lume - 2.0;tractorcow/web-console - v0.9.5;ramzyvirani/laravel-boilerplate - dev-snyk-fix-6118335e7ee4db4dc6929725f8b9be70;ramzyvirani/laravel-boilerplate - dev-snyk-fix-ad10bb3d08f682b4190aefeb23a5c3d5;ramzyvirani/laravel-boilerplate - no_fix;danijelsingularity98/swaggergen - no_fix;luoxiaojun1992/sf - v1.0.0;antwebes/api-social-bundle - no_fix;magento/community-edition - dev-lenaorobei-patch-2;magento/community-edition - 2.2.0-RC1.1;magento/community-edition - 2.2.x-dev;magento/community-edition - 0.42.0-beta10;magento/community-edition - dev-converted-magento-magento2-2.4.3;magento/community-edition - 0.42.0-beta9;Raml.Parser - 1.0.7;pleio/pleio_rest - no_fix;handlebars - 4.1.2-0;handlebars - 4.6.0;devisephp/cms - v.2.1.0-beta.4;libgraviton/swagger-ui - v1.0;Odn.Swagger.Net - no_fix;Handlebars - 100.0.0;quantimodo/docs - dev-renovate/npm-path-parse-vulnerability;quantimodo/docs - dev-renovate/npm-glob-parent-vulnerability;quantimodo/docs - dev-renovate/npm-nanoid-vulnerability;quantimodo/docs - no_fix;api-platform/core - v2.1.0-beta.1;api-platform/core - dev-sf-dev-2;firdaushatta/l5-swagger - dev-firdaushatta-patch-1;firdaushatta/l5-swagger - dev-firdaushatta-patch-2;firdaushatta/l5-swagger - dev-upgrade-to-swagger-ui-4;firdaushatta/l5-swagger - 5.0;gzero/api - v0.0.1;gzero/api - v1.0.0;jnbruno/akeed - 0.0.3;jnbruno/akeed - no_fix;osfed/l4crud - no_fix;yanev/laraadmin - no_fix;antonio-salieri/egctweet_plain - no_fix;imjarek/laravel-swagger - 5.0;rodchyn/api-platform-core - v2.1.0-beta.1;dvixi/yii2-alpaca-json - no_fix;dvixi/yii2-alpaca-json - 0.9-dev;askatlas-ai/api-connector - dev-feature/df-installer;Bnsights.Mvc2 - 1.2.1.93;fxmonster/l5-swagger - 5.0;opencontent/ocwebhookserver-ls - dev-job-control;opencontent/ocwebhookserver-ls - 1.0.0;opencontent/ocwebhookserver-ls - no_fix;opencontent/ocwebhookserver-ls - 1.1.4;juzaweb/l5-swagger - 5.0;seldatdirect/swagger-lume - no_fix;wheelpros/image-generator-plus - 2.2.x-dev;wheelpros/image-generator-plus - 0.42.0-beta9;wheelpros/image-generator-plus - 2.2.5;wheelpros/image-generator-plus - 0.42.0-beta10;mreko/l5-swagger - v2.0;mreko/l5-swagger - 3.0.1;mreko/l5-swagger - 4.0.1;vanthao03596/fortify-limitless - 1.0.2;w3yyb/phalphp - no_fix;brt/blog-bundle - 0.8.0;brt/blog-bundle - no_fix;brt/blog-bundle - 0.8.1;brt/blog-bundle - 0.8.3.2;sfs/admin-bundle - 1.0.0;sfs/admin-bundle - dev-feature/sf5;sfs/admin-bundle - no_fix;flask-apispec - 0.7.0;flask-apispec - 0.4.0;woldy/cms - no_fix;kjda/translation-bundle - no_fix;alexmaramaldo/swaggervel-2 - no_fix;kbrabrand/silex-swagger-ui - no_fix;jessekoska/swagger-ui-lumen - no_fix;esnanta/yii2-news - dev-update-news;esnanta/yii2-news - no_fix;pmurkin/bootstrapi - no_fix;sada/sadata-component - no_fix;thinkerforthink/thinker - v1.0.0;keyteqlabs/keymedia-ezpublish - no_fix;keyteqlabs/keymedia-ezpublish - exceed-2.0.0-rc.3;parm/parm-web - no_fix;davin.bao/apidoc - no_fix;za-web/octo-gallery - no_fix;govtnz/swagger-ui - v1.0;seax_svm - 0.2.8;swagger-api/swagger-ui - 3.x-dev;swagger-api/swagger-ui - dev-dependabot/github_actions/master/dependabot/fetch-metadata-2.0.0;andriybazyuta/l4-asset-emblem - no_fix;rutatiina/accountant - no_fix;cargic/blog - no_fix;mpcmf/mpcmf-web-app - 1.0.0.x-dev;mpcmf/mpcmf-web-app - no_fix;cr3a7ure/core - dev-docminor;cr3a7ure/core - dev-class;cr3a7ure/core - no_fix;lithiumdev/l5-swagger - v1.0.0;helingfeng/l5-swagger - 5.0;ea/yii2-contact-manager - no_fix;iramgutierrez/laravel-resource-api - 1.0.27;pmvc-app/swagger_ui - no_fix;ServiceStack.Api.Swagger.Signed - 4.5.12;vjeantet/silex-simple-rest-swagger - no_fix;envrin/apex - 1.2.2;envrin/apex - 1.0.1;flexxia/flexprimeng - dev-update-angularjs;flexxia/flexprimeng - dev-dependabot/npm_and_yarn/css/postcss/y18n-3.2.2;mmitasch/flow4ember - no_fix;driberac/blank - no_fix;abs/helper-pkg - no_fix;jlapp/swaggervel - 2.0.x-dev;seax_scheme - no_fix;restaurare/ewlist - no_fix;tasmaniski/zend-swagger - no_fix;dandisy/webcore - 1.0.0;dandisy/webcore - 1.0.6;dandisy/webcore - no_fix;Handlebars.js - no_fix;pixelstudio/updraftplus - no_fix;open-resource-manager/core - no_fix;iwanli/laravel5-swagger - no_fix;mymdz/l5-swagger - 5.0;magetest/magento - v2.0.1.0;speedovation/laravelmart - no_fix;speedovation/laravelmart - 0.2;clubmaster/formextra - no_fix;clubmaster/formextra - 1.0;darkaonline/l5-swagger - dev-upgrade-to-swagger-ui-4;darkaonline/l5-swagger - v2.0;darkaonline/l5-swagger - 3.0.1;guitarpoet/clips-tool - dev-picture;zfcampus/zf-apigility-documentation-swagger - no_fix;zfcampus/zf-apigility-documentation-swagger - 0.9.0;ServiceStack.Api.Swagger - 4.5.12;JYM.IdentityServer.Swagger - no_fix;arionum/node - v0.1a;kartik-v/yii2-widget-typeahead - no_fix;dennis1804/iq-swagger - no_fix;dennis1804/iq-swagger - dev-dependabot/composer/illuminate/support-approx-8.16;ci-blox/ignition-go - 1.0.0-beta.1;ci-blox/ignition-go - no_fix;spescina/mediabrowser - 3.0.0;danijelsingulatiry98/swaggergen - no_fix;allmobilize/amazeui - v1.0.0;dandisy/webcore-base - no_fix;dandisy/webcore-base - 1.0.0;isobar-nz/web-console - 2.1.1;isobar-nz/web-console - 2.0.2;isobar-nz/web-console - 2.0.x-dev;osidea/eosadm - no_fix;osidea/eosadm - 0.0.2-beta.1;gajendrajain20/laravel-pioneer-cms - no_fix;pyntax/pyntax - dev-develop/pyntax-api-module;pyntax/pyntax - 0.9.2;electrscash - 1.1.1;riverslei/laravel-swagger - no_fix;elefant/cms - dev-master;nhiepphong/backend - no_fix;bmilesp/bootstrap_extend - 2.1.x-dev;bmilesp/bootstrap_extend - no_fix;pharmit/swaggervel - 2.0.x-dev;zquintana/lara-swag - no_fix;egov/vws - no_fix;latrell/swagger - 1.0.2;basalam/laravel-kendo-ui - no_fix;neelbhanushali/laravel-apidocjs - no_fix;smellems/wet4 - dev-master;kamaelkz/yii2-admin-panel - no_fix;dreamfactory/app-admin - 1.0.4;dreamfactory/app-admin - no_fix;jessekoska/swagger-lume - v2.0.24;haotx/swagger-lume - no_fix;bluzphp/skeleton - 1.0.1;seax_util - 0.1.2;EmberJSPackage - no_fix;rich2k/l5-swagger - 5.0;acosf/archersys - 1.0;efwplusRuntime - no_fix;kbrabrand/zf2-swagger-ui - no_fix;klezbucket/laravelito - no_fix;TRA.EServices.FormBuilder - no_fix;codesleeve/sprockets - no_fix;svgsynoptic2 - 4.1.4;zulfajuniadi/php-rest-server - no_fix;folksyfolks/l5-swagger - 3.1.4;folksyfolks/l5-swagger - dev-upgrade-to-swagger-ui-4;folksyfolks/l5-swagger - 2.1;hos/hos-framework - no_fix;ernestoponce/slimproject - no_fix;squareproton/bond - no_fix;hadeswang/jlapp-swaggervel - 2.0.x-dev;rutatiina/ui - no_fix;Bower - no_fix;g3n1us/editor - no_fix;mahmoodbabaei/etribes-code-challenge - no_fix;dynamic/silverstripe-locator - 1.1.1;dynamic/silverstripe-locator - 1.2.1;visiosoft/l5-swagger - 3.x-dev;Ncapsulate.Bower - no_fix;yaangvu/swagger-lume - 2.0;myVisasNodeJs - no_fix;activelamp/swagger-ui-bundle - v0.1.0;activelamp/swagger-ui-bundle - v0.1.2;yangsuda/slimcms - 2.0.1.x-dev;yangsuda/slimcms - 2.0.0;cromwell - 0.30;lemonvine/yii2-adminlte - v1.0.1;lemonvine/yii2-adminlte - no_fix;jacoob/vino-blog - no_fix;dunglas/todomvc-bundle - no_fix;Moxie - 1.0.4;centurion/app - no_fix;xtwoend/minion-cms - no_fix;davigs/swagger-lume - 2.0;fmarmo/swagger-lume - 2.0;hasangilak/l5-swagger - 5.0;flask-restful-swagger - no_fix;superius/omnihubfonts - no_fix;smskin/l5-swagger - 5.0;tadpole - no_fix;auspice - no_fix;laminas-api-tools/api-tools-documentation-swagger - 1.3.x-dev;codesleeve/l4-asset-handlebars - no_fix;o2relax/laravel-shop - no_fix;io.hawt.swagger:hawtio-swagger-ui:no_fix;io.hawt.swagger:hawtio-swagger-ui:no_fix;io.hawt.swagger:hawtio-swagger-ui:no_fix;io.hawt.swagger:hawtio-swagger-ui:no_fix;io.hawt.swagger:hawtio-swagger-ui:no_fix;io.hawt.swagger:hawtio-swagger-ui:no_fix;io.hawt.swagger:hawtio-swagger-ui:no_fix;io.hawt.swagger:hawtio-swagger-ui:no_fix;io.hawt.swagger:hawtio-swagger-ui:no_fix;io.hawt.swagger:hawtio-swagger-ui:no_fix;io.hawt.swagger:hawtio-swagger-ui:no_fix;io.hawt.swagger:hawtio-swagger-ui:no_fix;io.hawt.swagger:hawtio-swagger-ui:no_fix;io.hawt.swagger:hawtio-swagger-ui:no_fix;io.hawt.swagger:hawtio-swagger-ui:no_fix;io.hawt.swagger:hawtio-swagger-ui:no_fix;io.hawt.swagger:hawtio-swagger-ui:no_fix;io.hawt.swagger:hawtio-swagger-ui:no_fix;io.hawt.swagger:hawtio-swagger-ui:no_fix;io.hawt.swagger:hawtio-swagger-ui:no_fix;org.apache.camel:camel-example-servlet-rest-tomcat:2.15.2;org.apache.camel:camel-example-servlet-rest-tomcat:2.15.2;org.apache.camel:camel-example-servlet-rest-tomcat:2.15.2;org.apache.camel:camel-example-servlet-rest-tomcat:2.15.1;org.apache.camel:camel-example-servlet-rest-tomcat:2.15.2;org.apache.camel:camel-example-servlet-rest-tomcat:2.15.2;org.jboss.weld.probe:weld-probe-core:3.1.4.Final;org.jboss.weld.probe:weld-probe-core:2.3.5.Final;org.jboss.weld.probe:weld-probe-core:3.1.3.Final;org.jboss.weld.probe:weld-probe-core:3.1.1.Final;org.jboss.weld.probe:weld-probe-core:3.1.2.Final;org.jboss.weld.probe:weld-probe-core:3.1.0.Beta1;org.jboss.weld.probe:weld-probe-core:3.0.4.Final;org.jboss.weld.probe:weld-probe-core:3.0.5.Final;org.jboss.weld.probe:weld-probe-core:2.3.4.Final;org.jboss.weld.probe:weld-probe-core:2.4.8.Final;org.jboss.weld.probe:weld-probe-core:3.1.5.Final;org.jboss.weld.probe:weld-probe-core:2.4.4.Final;org.jboss.weld.probe:weld-probe-core:2.3.2.Final;org.jboss.weld.probe:weld-probe-core:2.4.2.Final;org.jboss.weld.probe:weld-probe-core:2.4.3.Final;org.jboss.weld.probe:weld-probe-core:3.0.6.Final;org.webjars:jel-camel:no_fix;org.jboss.weld.se:weld-se:2.4.0.Final;org.jboss.weld.se:weld-se:2.4.0.CR1;org.jboss.windup.reporting:windup-reporting-impl:6.2.5.Final;org.jboss.windup.reporting:windup-reporting-impl:6.1.0.Alpha1;org.jboss.windup.reporting:windup-reporting-impl:no_fix;org.jboss.windup.reporting:windup-reporting-impl:6.3.5.Final;org.jboss.windup.reporting:windup-reporting-impl:6.3.3.Final;org.jboss.windup.reporting:windup-reporting-impl:6.3.7.Final;org.jboss.windup.reporting:windup-reporting-impl:6.1.8.Final;org.jboss.windup.reporting:windup-reporting-impl:6.1.10.Final;org.jboss.windup.reporting:windup-reporting-impl:6.2.0.Alpha1;org.jboss.windup.reporting:windup-reporting-impl:6.3.4.Final;org.jboss.windup.reporting:windup-reporting-impl:6.1.4.Final;org.jboss.windup.reporting:windup-reporting-impl:6.3.0.Final;org.jboss.windup.reporting:windup-reporting-impl:6.3.8.Final;org.jboss.windup.reporting:windup-reporting-impl:6.3.9.Final;org.jboss.windup.reporting:windup-reporting-impl:6.1.3.Final;org.jboss.windup.reporting:windup-reporting-impl:6.3.2.Final;org.jboss.weld.servlet:weld-servlet:2.4.0.Final;org.jboss.weld.servlet:weld-servlet:2.4.8.Final;org.jboss.weld.servlet:weld-servlet:2.4.0.CR1;org.jboss.redhat-fuse.apicurio:fuse-apicurito-generator:no_fix;org.jboss.redhat-fuse.apicurio:fuse-apicurito-generator:no_fix;org.jboss.redhat-fuse.apicurio:fuse-apicurito-generator:no_fix;org.jboss.redhat-fuse.apicurio:fuse-apicurito-generator:no_fix;org.jboss.redhat-fuse.apicurio:fuse-apicurito-generator:no_fix;org.webjars:openui5:1.28.16;org.webjars:openui5:1.28.11;org.webjars:browser-sync:no_fix;org.webjars:handlebars:1.0.rc.1;org.webjars:handlebars:4.0.11;org.webjars:handlebars:4.7.6;org.webjars:handlebars:2.0.0-alpha.2;org.webjars.npm:swagger-tools:no_fix;org.webjars.npm:apidoc:no_fix;org.webjars.npm:github-com-gitana-alpaca:no_fix;org.webjars.npm:bower:1.8.12;org.apache.camel:camel-example-swagger-xml:2.17.1;org.apache.camel:camel-example-swagger-xml:2.17.1;org.apache.camel:camel-example-swagger-xml:2.17.1;org.apache.camel:camel-example-swagger-xml:2.17.1;io.fabric8.quickstarts.cxf.jaxrs:spring-boot-cxf-jaxrs-xml:no_fix;org.webjars.npm:mirador:no_fix;org.webjars.npm:github-com-Echo360-swagger-ui:no_fix;org.webjars.npm:handlebars:4.7.2;org.webjars.bower:handlebars:4.0.10;org.webjars.bower:handlebars:4.0.3;org.webjars.npm:github-com-jensoleg-swagger-ui:no_fix;org.webjars.npm:swagger-ui:3.0.2;org.webjars.bower:jsonpath-object-transform:no_fix;org.webjars:swagger-ui:2.2.8;org.webjars.npm:github-com-alexwolfe-Buttons:no_fix;org.webjars.npm:swagger-ui-cimpress:no_fix;org.webjars.npm:alpaca:no_fix;org.webjars.npm:pouchdb-find:no_fix;org.webjars.bower:swagger-ui:3.0.2

Learn More

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): LOW
Privileges Required (PR): NONE
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): HIGH
Integrity (I): HIGH
Availability (A): HIGH

Do you need more information?

Contact Us