Description
haml-coffee is a JavaScript templating solution. haml-coffee mixes pure template data with engine configuration options through the Express render API. More specifically, haml-coffee supports overriding a series of HTML helper functions through its configuration options.
Recommendation
No fix is available yet. Followings are affected versions:
- <= 1.14.1
References
Related Issues
- Angular vulnerable to Cross-site Scripting - CVE-2020-7676
- rollbar vulnerable to prototype pollution - CVE-2025-57325
- csvjson vulnerable to prototype injection - CVE-2025-57318
- Prebid.js NPM package briefly compromised - CVE-2025-59038
- Tags:
- npm
- haml-coffee
Anything's wrong? Let us know Last updated on February 01, 2023