Security Advisories for @budibase/server in npm
Moderate
14 days ago
Budibase: CouchDB Reduce Injection via Unsanitized Calculation Parameter in V1 Views API
npm
@budibase/server
High
17 days ago
Budibase: SSRF Bypass via HTTP Redirect in REST Datasource Integration
npm
@budibase/server
High
17 days ago
Budibase: SSRF in AI Extract File Automation Step via Missing IP Blacklist Validation
npm
@budibase/server
Critical
about 2 months ago
Budibase: Unauthenticated Remote Code Execution via Webhook Trigger and Bash Automation Step
npm
@budibase/server
High
about 2 months ago
Budibase: Path traversal in plugin file upload enables arbitrary directory deletion and file write
npm
@budibase/server
High
3 months ago
@budibase/server: Command Injection in PostgreSQL Dump Command
npm
@budibase/server
Critical
over 2 years ago
Budibase affected by VM2 Constructor Escape Vulnerability
npm
@budibase/server
Potential
Moderate
over 3 years ago
Budibase Improper Control of Dynamically-Managed Code Resources vulnerability
npm
@budibase/bbui, @budibase/builder, @budibase/worker