pkg:npm/strapi

共 13 筆 CVECRITICAL3HIGH7MEDIUM3

✅ 檢查你的版本

所有已知漏洞

  • CRITICAL9.8CVE-2022-27263Unrestricted Upload of File with Dangerous Type in Strapi
    from 0, <= 4.1.5
  • CRITICAL9.8CVE-2020-27664Authorization bypass in Strapi
    from 0, < 3.2.5
  • CRITICAL9.8CVE-2019-18818Strapi allows unauthenticated attacker to reset admin password without valid reset token
    from 0, < 3.0.0-beta.17.5
  • HIGH8.8CVE-2022-31367Strapi mishandles hidden attributes within admin API responses
    from 0, < 3.6.10
  • HIGH8.8CVE-2022-30617Improper Removal of Sensitive Information Before Storage or Transfer in Strapi
    >= 3.0.0, < 3.6.9
  • HIGH8.1CVE-2021-28128Weak Password Recovery Mechanism for Forgotten Password in Strapi
    from 0, <= 3.6.0
  • HIGH7.5CVE-2022-30618Improper Removal of Sensitive Information Before Storage or Transfer in Strapi
    >= 3.0.0, < 3.6.9
  • HIGH7.5CVE-2021-46440Insecure password handling vulnerability in Strapi
    from 0, < 3.6.9
  • HIGH7.2CVE-2019-19609Command Injection in strapi
    from 0, < 3.0.0-beta.17.8
  • HIGH7.2CVE-2019-19609Command Injection in strapi
    from 0, < 3.0.0-beta.17.8
  • MEDIUM6.5CVE-2020-13961Improper Input Validation in strapi
    from 0, < 3.0.2
  • MEDIUM6.1CVE-2022-0764Command injection in strapi
    from 0, < 4.1.0
  • MEDIUM4.8CVE-2022-29894Cross-site Scripting in Strapi
    from 0, <= 3.6.10
npm/strapi — 13 CVEs · VulnScope