[Snyk: High severity] Prototype Pollution in handlebars (Due 11/1/2019) #3222
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
{{ message }}
Summary
High severity vulnerability found in handlebars
Description: Prototype Pollution
Info: https://snyk.io/vuln/SNYK-JS-HANDLEBARS-469063
Introduced through: handlebars@4.1.2, karma-coverage@1.1.2, karma-coverage-istanbul-reporter@2.0.5
From: handlebars@4.1.2
From: karma-coverage@1.1.2 > istanbul@0.4.5 > handlebars@4.1.2
From: karma-coverage-istanbul-reporter@2.0.5 > istanbul-api@2.1.7 > istanbul-reports@2.2.6 > handlebars@4.1.2
Remediation:
Upgrade direct dependency handlebars@4.1.2 to handlebars@4.3.0 (triggers upgrades to handlebars@4.3.0)
Upgrade direct dependency karma-coverage@1.1.2 to karma-coverage@1.1.2 (triggers upgrades to karma-coverage@1.1.2 > istanbul@0.4.5 > handlebars@4.3.0)
Upgrade direct dependency karma-coverage-istanbul-reporter@2.0.5 to karma-coverage-istanbul-reporter@2.0.5 (triggers upgrades to karma-coverage-istanbul-reporter@2.0.5 > istanbul-api@2.1.7 > istanbul-reports@2.2.6 > handlebars@4.3.0)
The text was updated successfully, but these errors were encountered: