@budibase/worker@0.9.190 vulnerabilities
Budibase background service
-
latest version
3.0.4
-
latest non vulnerable version
-
first published
3 years ago
-
latest version published
2 hours ago
-
licenses detected
- >=0.0.1 <0.9.1; >=0.9.188
Direct Vulnerabilities
Known vulnerabilities in the @budibase/worker package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.| Vulnerability | Vulnerable Version |
|---|---|
@budibase/worker is a Budibase background service Affected versions of this package are vulnerable to Access Restriction Bypass. Whenever an admin invites people to be in their tenant, there's a risk that one of these app users change their own role to admin and then make the original admin a simple app user, being now capable of doing anything they would want to, including destroy all of a tenant apps or change their content to something else. How to fix Access Restriction Bypass? Upgrade |
<1.3.20
|