Prototype Pollution vulnerability (CVE-2019-19919) in handlebars

General

Escalation

General

Escalation

Description

The handlebars package has the Prototype Pollution vulnerability (CVE-2019-19919).

PMM versions were not affected by this vulnerability, as this package is used as a build dependency only.

Solution: update handlebars to version 4.5.3.

https://github.com/percona/qan-app/pull/354

How to test

None

How to document

None

Linked issues

is cloned by

PMM-5227

Prototype Pollution vulnerability (CVE-2019-19919) in handlebars (PMM1)

PMM-5371

CVE-2019-19919: Update Handlebars to 4.5.3

Smart Checklist

Activity

Done

Details
Assignee
Unassigned
Reporter
Roma Novikov(Deactivated)
Priority
High
Components
Labels
CVE
Needs Doc
Yes
Fix versions
2.2.1
Story Points
1
Sprint
None
Affects versions
2.02.0

Smart Checklist

Created December 26, 2019 at 10:53 PM

Updated November 13, 2024 at 8:34 AM

Resolved January 23, 2020 at 3:48 PM

Prototype Pollution vulnerability (CVE-2019-19919) in handlebars

Description

How to test

How to document

Linked issues

is cloned by

Smart Checklist

Activity

DetailsAssigneeUnassignedUnassignedReporterRoma NovikovRoma Novikov(Deactivated)PriorityHighComponentsLabelsCVENeeds DocYesFix versions2.2.1Story Points1SprintNone+2Affects versions2.02.0

Details

Assignee

Reporter

Priority

Components

Labels

Needs Doc

Fix versions

Story Points

Sprint

Affects versions

Smart ChecklistOpen Smart Checklist

Smart Checklist

Details
Assignee
Unassigned
Reporter
Roma Novikov(Deactivated)
Priority
High
Components
Labels
CVE
Needs Doc
Yes
Fix versions
2.2.1
Story Points
1
Sprint
None
Affects versions
2.02.0

Smart Checklist