Maven package
com.github.jknack/handlebars
pkg:maven/com.github.jknack/handlebars
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-55760 | hig | — | < 4.5.2 | 4.5.2 | Jun 17, 2026 | ### Impact Any application that passes user-controlled input to Handlebars.compile() using a FileTemplateLoader (or ClassPathTemplateLoader) is vulnerable to arbitrary file read. This is a realistic attack surface for web applications that use template names from URL path paramet |
- affected < 4.5.2fixed 4.5.2
### Impact Any application that passes user-controlled input to Handlebars.compile() using a FileTemplateLoader (or ClassPathTemplateLoader) is vulnerable to arbitrary file read. This is a realistic attack surface for web applications that use template names from URL path paramet