1 ignored security issue in buster

package:
node-handlebars
severity:
low
created:
2019-12-21
last updated:
2020-02-08

There is 1 open security issue in buster.
1 issue skipped by the security teams:
  • CVE-2019-19919: Versions of handlebars prior to 4.3.0 are vulnerable to Prototype Pollution leading to Remote Code Execution. Templates may alter an Object's __proto__ and __defineGetter__ properties, which may allow an attacker to execute arbitrary code through crafted payloads.
Please fix it.