thingsboard vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the thingsboard package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
L GHSA-5j33-cvvr-w245	<3.9-r1
L GHSA-27hp-xhwr-wr2m	<3.9-r1
L Time-of-check Time-of-use (TOCTOU)	<3.9-r1
L Improper Authentication	<3.9-r1
L GHSA-mfj5-cf8g-g2fv	<3.9-r1
L Time-of-check Time-of-use (TOCTOU)	<3.9-r1
L CVE-2024-12798	<3.9-r0
L CVE-2024-12801	<3.9-r0
L GHSA-pr98-23f8-jwxv	<3.9-r0
L GHSA-6v67-2wr5-gvf4	<3.9-r0
L CVE-2024-38827	<3.8.1-r4
L GHSA-q3v6-hm2v-pw99	<3.8.1-r4
L GHSA-2x2g-32r7-p4x8	<3.8.1-r4
L Improper Privilege Management	<3.8.1-r4
L GHSA-rhx6-c78j-4q9w	<3.8.1-r4
L Inefficient Regular Expression Complexity	<3.8.1-r4
L GHSA-c4q5-6c82-3qpw	<3.8.1-r2
L CVE-2024-38816	<3.8.1-r2
L CVE-2024-38821	<3.8.1-r2
L GHSA-cx7f-g6mp-7hqm	<3.8.1-r2
L GHSA-4gc7-5j7h-4qph	<3.8.1-r1
M CVE-2024-38820	<3.8.1-r1
M Cross-site Scripting (XSS)	<3.7-r4
L GHSA-493p-pfq6-5258	<3.7-r4
L GHSA-fg2v-w576-w4v3	<3.7-r4
H Out-of-bounds Write	<3.7-r4
L GHSA-m6fv-jmcg-4jfg	<3.7-r4
H Uncontrolled Recursion	<3.7-r4
H CVE-2023-52428	<3.7-r2
L GHSA-w33c-445m-f8w7	<3.7-r2
L Inefficient Regular Expression Complexity	<3.7-r2
L GHSA-9wv6-86v2-598j	<3.7-r2
L GHSA-wm9w-rjj3-j356	<3.7-r2
L Resource Exhaustion	<3.7-r2
H Incorrect Conversion between Numeric Types	<3.7-r2
L GHSA-gvpg-vgmx-xg6w	<3.7-r2
L GHSA-cqj8-47ch-rvvq	<3.7-r1
M Incorrect Default Permissions	<3.7-r1
L GHSA-2qp4-g3q3-f92w	<3.7-r1
M Inclusion of Functionality from Untrusted Control Sphere	<3.7-r1