Handlebars prior to 4.4.5 allows Regular Expression Denial of Service (ReDoS) because of eager matching. The parser may be forced into an endless loop while processing crafted templates. This may allow malicious users to exhaust system resources.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
handlebarsjs handlebars |