Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Nocodb
(Xgenecloud)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 11 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2023-09-21 | CVE-2023-5104 | Improper Input Validation in GitHub repository nocodb/nocodb prior to 0.96.0. | Nocodb | 6.5 | ||
2022-10-07 | CVE-2022-3423 | Allocation of Resources Without Limits or Throttling in GitHub repository nocodb/nocodb prior to 0.92.0. | Nocodb | 6.5 | ||
2022-06-13 | CVE-2022-2062 | Generation of Error Message Containing Sensitive Information in GitHub repository nocodb/nocodb prior to 0.91.7+. | Nocodb | 7.5 | ||
2022-07-07 | CVE-2022-2339 | With this SSRF vulnerability, an attacker can reach internal addresses to make a request as the server and read it's contents. This attack can lead to leak of sensitive information. | Nocodb | 7.5 | ||
2022-06-14 | CVE-2022-2079 | Cross-site Scripting (XSS) - Stored in GitHub repository nocodb/nocodb prior to 0.91.7+. | Nocodb | 5.4 | ||
2022-06-13 | CVE-2022-2063 | Improper Privilege Management in GitHub repository nocodb/nocodb prior to 0.91.7+. | Nocodb | 8.8 | ||
2022-06-13 | CVE-2022-2064 | Insufficient Session Expiration in GitHub repository nocodb/nocodb prior to 0.91.7+. | Nocodb | 8.8 | ||
2022-06-07 | CVE-2022-2022 | Cross-site Scripting (XSS) - Stored in GitHub repository nocodb/nocodb prior to 0.91.7. | Nocodb | 5.4 | ||
2022-01-10 | CVE-2022-22120 | In NocoDB, versions 0.9 to 0.83.8 are vulnerable to Observable Discrepancy in the password-reset feature. When requesting a password reset for a given email address, the application displays an error message when the email isn't registered within the system. This allows attackers to enumerate the registered users' email addresses. | Nocodb | 5.3 | ||
2022-01-10 | CVE-2022-22121 | In NocoDB, versions 0.81.0 through 0.83.8 are affected by CSV Injection vulnerability (Formula Injection). A low privileged attacker can create a new table to inject payloads in the table rows. When an administrator accesses the User Management endpoint and exports the data as a CSV file and opens it, the payload gets executed. | Nocodb | 8.0 |