8.7.3
11 years ago
1 months ago
Known vulnerabilities in the generator-jhipster package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for freeVulnerability | Vulnerable Version |
---|---|
generator-jhipster is a development platform to generate, develop and deploy Spring Boot + Angular / React / Vue Web applications and Spring microservices. Affected versions of this package are vulnerable to Information Exposure. On the user management webpage: The data displayed on the screen is from the How to fix Information Exposure? Upgrade | <6.10.2 |
generator-jhipster is a development platform to generate, develop and deploy Spring Boot + Angular / React / Vue Web applications and Spring microservices. Affected versions of this package are vulnerable to Improper Output Neutralization for Logs. User-provided text can be used to forge logs when using the API. How to fix Improper Output Neutralization for Logs? Upgrade | <6.9.0 |
generator-jhipster is a development platform to generate, develop and deploy Spring Boot + Angular / React / Vue Web applications and Spring microservices. Affected versions of this package are vulnerable to Unsafe Dependency Resolution. Generated code uses repository configuration that downloads over HTTP instead of HTTPS How to fix Unsafe Dependency Resolution? Upgrade | <6.3.1 |
generator-jhipster is a development platform to generate, develop and deploy Spring Boot + Angular / React / Vue Web applications and Spring microservices. Affected versions of this package are vulnerable to Insecure Randomness. Uses an insecure source of randomness to generate all of its random values as it relies upon apache commons lang3 How to fix Insecure Randomness? Upgrade | <6.3.0 |