RubyGems package
bootstrap-wysihtml5-rails
pkg:gem/bootstrap-wysihtml5-rails
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-19919 | — | >= 0.3.3.5, <= 0.3.3.8 | — | Dec 20, 2019 | Versions of handlebars prior to 4.3.0 are vulnerable to Prototype Pollution leading to Remote Code Execution. Templates may alter an Object's __proto__ and __defineGetter__ properties, which may allow an attacker to execute arbitrary code through crafted payloads. |
- CVE-2019-19919Dec 20, 2019affected >= 0.3.3.5, <= 0.3.3.8
Versions of handlebars prior to 4.3.0 are vulnerable to Prototype Pollution leading to Remote Code Execution. Templates may alter an Object's __proto__ and __defineGetter__ properties, which may allow an attacker to execute arbitrary code through crafted payloads.