Homepage

airtable@0.10.1 vulnerabilities

The official Airtable JavaScript library.

  • latest version

    0.12.2

  • latest non vulnerable version

    0.12.2

  • first published

    10 years ago

  • latest version published

    2 years ago

  • licenses detected

  • View airtable package health on Snyk Advisor  (opens in a new tab)
    • Go back to all versions of this package
    Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the airtable package. This does not include vulnerabilities belonging to this package’s dependencies.

    Fix vulnerabilities automatically

    Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

    Fix for free
    VulnerabilityVulnerable Version
    • H
    Insufficiently Protected Credentials

    airtable is a javascript client for Airtable.

    Affected versions of this package are vulnerable to Insufficiently Protected Credentials due to the usage of misconfigured build script in its source package, which bundles environment variables (AIRTABLE_API_KEY and AIRTABLE_ENDPOINT_URL) into the build target of a transpiled bundle.

    NOTE: This vulnerability is relevant only if all of the following conditions are met:

    1. the user has cloned the Airtable.js source onto their machine.

    2. the user runs the npm prepare script

    3. the user has the AIRTABLE_API_KEY environment variable set.

    How to fix Insufficiently Protected Credentials?

    Upgrade airtable to version 0.11.6 or higher.

    <0.11.6
    Go back to all versions of this package