Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS14cnBtLWhjY2ctMjh4N84AA1_d
Improper Input Validation in nocodb
Improper Input Validation in GitHub repository nocodb/nocodb prior to 0.96.0.
Permalink: https://github.com/advisories/GHSA-xrpm-hccg-28x7JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS14cnBtLWhjY2ctMjh4N84AA1_d
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: 8 months ago
Updated: 6 months ago
CVSS Score: 6.5
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Identifiers: GHSA-xrpm-hccg-28x7, CVE-2023-5104
References:
- https://nvd.nist.gov/vuln/detail/CVE-2023-5104
- https://github.com/nocodb/nocodb/commit/db0385cb8aab2a34e233454607f59152ac62b3e2
- https://huntr.dev/bounties/1b5c6d9f-941e-4dd7-a964-42b53d6826b0
- https://github.com/advisories/GHSA-xrpm-hccg-28x7
Blast Radius: 11.0
Affected Packages
npm:nocodb
Dependent packages: 1Dependent repositories: 49
Downloads: 1,158 last month
Affected Version Ranges: < 0.96.0
Fixed in: 0.96.0
All affected versions: 0.0.1, 0.1.29, 0.1.30, 0.1.31, 0.1.32, 0.1.33, 0.1.34, 0.1.35, 0.1.36, 0.1.37, 0.1.38, 0.9.11, 0.9.12, 0.9.13, 0.9.14, 0.9.15, 0.9.16, 0.9.17, 0.9.18, 0.9.19, 0.9.20, 0.9.21, 0.9.22, 0.9.23, 0.9.24, 0.9.25, 0.9.26, 0.9.27, 0.9.28, 0.9.29, 0.9.30, 0.9.31, 0.9.32, 0.9.33, 0.9.34, 0.9.35, 0.9.36, 0.9.37, 0.9.38, 0.9.39, 0.9.40, 0.9.41, 0.9.42, 0.9.43, 0.10.0, 0.10.1, 0.10.2, 0.10.3, 0.10.4, 0.10.5, 0.10.6, 0.11.0, 0.11.1, 0.11.2, 0.11.3, 0.11.4, 0.11.5, 0.11.7, 0.11.8, 0.11.9, 0.11.10, 0.11.11, 0.11.12, 0.11.13, 0.11.14, 0.11.15, 0.11.16, 0.11.17, 0.11.18, 0.11.19, 0.11.20, 0.11.21, 0.11.22, 0.11.23, 0.11.24, 0.11.25, 0.11.26, 0.11.27, 0.11.28, 0.11.29, 0.11.30, 0.11.32, 0.11.33, 0.11.34, 0.11.35, 0.11.36, 0.11.38, 0.11.39, 0.11.40, 0.11.41, 0.11.42, 0.11.43, 0.11.44, 0.11.45, 0.11.46, 0.80.0, 0.80.1, 0.81.0, 0.81.1, 0.82.0, 0.83.0, 0.83.1, 0.83.2, 0.83.3, 0.83.4, 0.83.5, 0.83.6, 0.83.8, 0.84.0, 0.84.1, 0.84.2, 0.84.3, 0.84.4, 0.84.5, 0.84.6, 0.84.7, 0.84.8, 0.84.9, 0.84.10, 0.84.12, 0.84.13, 0.84.14, 0.84.15, 0.84.16, 0.84.18, 0.90.0, 0.90.1, 0.90.2, 0.90.3, 0.90.4, 0.90.5, 0.90.7, 0.90.8, 0.90.9, 0.90.10, 0.90.11, 0.91.0, 0.91.1, 0.91.3, 0.91.6, 0.91.7, 0.91.8, 0.91.9, 0.91.10, 0.92.0, 0.92.1, 0.92.2, 0.92.3, 0.92.4
All unaffected versions: 0.96.0, 0.96.1, 0.96.2, 0.96.3, 0.96.4, 0.97.0, 0.98.0, 0.98.1, 0.98.2, 0.98.3, 0.98.4, 0.99.0, 0.99.1, 0.99.2, 0.100.0, 0.100.1, 0.100.2, 0.101.0, 0.101.1, 0.101.2, 0.104.0, 0.104.1, 0.104.2, 0.104.3, 0.105.0, 0.105.1, 0.105.2, 0.105.3, 0.106.0, 0.106.1, 0.107.0, 0.107.1, 0.107.2, 0.107.3, 0.107.4, 0.107.5, 0.108.0, 0.108.1, 0.109.0, 0.109.1, 0.109.2, 0.109.3, 0.109.4, 0.109.5, 0.109.6, 0.109.7, 0.111.0, 0.111.1, 0.111.2, 0.111.3, 0.111.4, 0.200.0, 0.202.0, 0.202.4, 0.202.5, 0.202.6, 0.202.7, 0.202.8, 0.202.9, 0.202.10, 0.203.0, 0.203.1, 0.203.2, 0.204.0, 0.204.1, 0.204.2, 0.204.3, 0.204.4, 0.204.5, 0.204.6, 0.204.7, 0.204.8, 0.204.9, 0.205.0, 0.205.1