@budibase/bbui@0.9.190 vulnerabilities
A UI solution used in the different Budibase projects.
-
latest version
3.0.4
-
latest non vulnerable version
-
first published
4 years ago
-
latest version published
10 hours ago
-
licenses detected
- >=0.0.1 <0.1.0; >=0.9.188
Direct Vulnerabilities
Known vulnerabilities in the @budibase/bbui package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.| Vulnerability | Vulnerable Version |
|---|---|
@budibase/bbui is an A UI solution used in the different Budibase projects. Affected versions of this package are vulnerable to Access Restriction Bypass. Whenever an admin invites people to be in their tenant, there's a risk that one of these app users change their own role to admin and then make the original admin a simple app user, being now capable of doing anything they would want to, including destroy all of a tenant apps or change their content to something else. How to fix Access Restriction Bypass? Upgrade |
<1.3.20
|