uptime-kuma@2.0.0-dev.0 vulnerabilities
-
latest version
2.0.0-dev.0
-
first published
9 months ago
-
latest version published
9 months ago
Direct Vulnerabilities
Known vulnerabilities in the uptime-kuma package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
uptime-kuma is a Affected versions of this package are vulnerable to Session Fixation due to improper session management after a password change. An attacker can maintain access to an account without needing to re-authenticate by using an existing session that should have been invalidated. Notes:
How to fix Session Fixation? A fix was pushed into the |
>=0.0.0
|
uptime-kuma is a Affected versions of this package are vulnerable to OS Command Injection due to improper validation of Note:
When using Uptime Kuma inside a container, the How to fix OS Command Injection? A fix was pushed into the |
>=2.0.0-dev.0
|