@budibase/server

Budibase Web Server

Licenses: AGPL-3.0 | GPL-3.0

Published: 6 years ago Last updated: 14 days ago Latest version: 3.38.1 Latest non-vulnerable version: 3.38.1

License

>=0.0.1 <0.0.999-alpha.30;

>=0.1.0 <0.9.188;

>=0.0.0 <0.0.1;

>=0.0.999-alpha.30 <0.1.0;

>=0.9.188;

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the @budibase/server package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Vulnerability	Vulnerable Version
M Incorrect Authorization	<3.38.1
H Arbitrary Code Injection	<3.38.1
M Server-side Request Forgery (SSRF)	<3.38.1
M Server-side Request Forgery (SSRF)	<3.34.8
H Missing Authorization	<3.38.1
M Server-side Request Forgery (SSRF)	<3.35.10
H Command Injection	<3.33.4
C Command Injection	<3.33.4
H Directory Traversal	<3.33.4
C Server-side Request Forgery (SSRF)	<3.34.8
H Eval Injection	<3.30.4

Package versions

3142 VERSIONS IN TOTAL See all versions

version	published	direct vulnerabilities
3.38.1	12 May, 2026	0 C 0 H 0 M 0 L
3.38.0	7 May, 2026	0 C 2 H 2 M 0 L
3.37.5	7 May, 2026	0 C 2 H 2 M 0 L
3.37.4	5 May, 2026	0 C 2 H 2 M 0 L
3.37.3	4 May, 2026	0 C 2 H 2 M 0 L
3.37.2	30 Apr, 2026	0 C 2 H 2 M 0 L
3.37.1	29 Apr, 2026	0 C 2 H 2 M 0 L
3.37.0	28 Apr, 2026	0 C 2 H 2 M 0 L
3.36.5	27 Apr, 2026	0 C 2 H 2 M 0 L
3.36.4	27 Apr, 2026	0 C 2 H 2 M 0 L