thingsboard vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the thingsboard package. This does not include vulnerabilities belonging to this package’s dependencies.

Severity | Vulnerability | Vulnerable Version
L | GHSA-735f-pc8j-v9w8 | <3.9.1-r2
L | CVE-2024-38809 | <3.9.1-r2
L | GHSA-2rmj-mq67-h97g | <3.9.1-r2
L | GHSA-mg83-c7gq-rv5c | <3.9.1-r2
L | CVE-2024-47764 | <3.9.1-r2
L | CVE-2024-7254 | <3.9.1-r2
L | CVE-2025-22228 | <3.9.1-r2
L | GHSA-pxg6-pf52-xh8x | <3.9.1-r2
L | GHSA-p53j-g8pw-4w5f | <3.9.1-r2
L | CVE-2020-36843 | <3.9.1-r2
L | GHSA-83qj-6fr2-vhqg | <3.9.1-r2
C | Deserialization of Untrusted Data | <3.9.1-r2
L | GHSA-4g8c-wm8x-jfhw | <3.9.1-r1
L | Improper Input Validation | <3.9.1-r1
L | GHSA-5j33-cvvr-w245 | <3.9-r1
L | GHSA-27hp-xhwr-wr2m | <3.9-r1
L | Time-of-check Time-of-use (TOCTOU) | <3.9-r1
L | Improper Authentication | <3.9-r1
L | GHSA-mfj5-cf8g-g2fv | <3.9-r1
L | Time-of-check Time-of-use (TOCTOU) | <3.9-r1
L | CVE-2024-12798 | <3.9-r0
L | CVE-2024-12801 | <3.9-r0
L | GHSA-pr98-23f8-jwxv | <3.9-r0
L | GHSA-6v67-2wr5-gvf4 | <3.9-r0
L | CVE-2024-38827 | <3.8.1-r4
L | GHSA-q3v6-hm2v-pw99 | <3.8.1-r4
L | GHSA-2x2g-32r7-p4x8 | <3.8.1-r4
L | Improper Privilege Management | <3.8.1-r4
L | GHSA-rhx6-c78j-4q9w | <3.8.1-r4
L | Inefficient Regular Expression Complexity | <3.8.1-r4
L | GHSA-c4q5-6c82-3qpw | <3.8.1-r2
L | CVE-2024-38816 | <3.8.1-r2
L | CVE-2024-38821 | <3.8.1-r2
L | GHSA-cx7f-g6mp-7hqm | <3.8.1-r2
L | GHSA-4gc7-5j7h-4qph | <3.8.1-r1
M | CVE-2024-38820 | <3.8.1-r1
M | Cross-site Scripting (XSS) | <3.7-r4
L | GHSA-493p-pfq6-5258 | <3.7-r4
L | GHSA-fg2v-w576-w4v3 | <3.7-r4
H | Out-of-bounds Write | <3.7-r4
L | GHSA-m6fv-jmcg-4jfg | <3.7-r4
H | Uncontrolled Recursion | <3.7-r4
H | CVE-2023-52428 | <3.7-r2
L | GHSA-w33c-445m-f8w7 | <3.7-r2
L | Inefficient Regular Expression Complexity | <3.7-r2
L | GHSA-9wv6-86v2-598j | <3.7-r2
L | GHSA-wm9w-rjj3-j356 | <3.7-r2
L | Resource Exhaustion | <3.7-r2
H | Incorrect Conversion between Numeric Types | <3.7-r2
L | GHSA-gvpg-vgmx-xg6w | <3.7-r2
L | GHSA-cqj8-47ch-rvvq | <3.7-r1
M | Incorrect Default Permissions | <3.7-r1
L | GHSA-2qp4-g3q3-f92w | <3.7-r1
M | Inclusion of Functionality from Untrusted Control Sphere | <3.7-r1