Homepage

generator-jhipster@7.8.1 vulnerabilities

Spring Boot + Angular/React/Vue in one handy generator

  • latest version

    8.11.0

  • first published

    11 years ago

  • latest version published

    4 months ago

  • licenses detected

  • View generator-jhipster package health on Snyk Advisor  (opens in a new tab)
    • Go back to all versions of this package
    Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the generator-jhipster package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • H
    Incorrect Authorization

    generator-jhipster is a development platform to generate, develop and deploy Spring Boot + Angular / React / Vue Web applications and Spring microservices.

    Affected versions of this package are vulnerable to Incorrect Authorization via the authorities parameter in the response from the api/account endpoint. An attacker can gain elevated privileges by modifying the value of the authorities parameter for ROLE_USER to ROLE_ADMIN.

    Note: The reporter of this vulnerability claims that the project maintainers do not intend to release a fix.

    How to fix Incorrect Authorization?

    There is no fixed version for generator-jhipster.

    *
    Go back to all versions of this package