Description
haml-coffee is a JavaScript templating solution. haml-coffee mixes pure template data with engine configuration options through the Express render API. More specifically, haml-coffee supports overriding a series of HTML helper functions through its configuration options.
Recommendation
No fix is available yet. Followings are affected versions:
- <= 1.14.1
References
Related Issues
- rollbar vulnerable to prototype pollution - CVE-2025-57325
- Prebid.js NPM package briefly compromised - CVE-2025-59038
- devalue prototype pollution vulnerability - CVE-2025-57820
- js-toml Prototype Pollution Vulnerability - CVE-2025-54803
- Tags:
- npm
- haml-coffee
Anything's wrong? Let us know Last updated on February 01, 2023