npm package
@strapi/database
pkg:npm/%40strapi/database
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-34235 | — | < 4.10.8 | 4.10.8 | Jul 25, 2023 | Strapi is an open-source headless content management system. Prior to version 4.10.8, it is possible to leak private fields if one is using the `t(number)` prefix. Knex query allows users to change the default prefix. For example, if someone changes the prefix to be the same as i | ||
| CVE-2023-34093 | — | < 4.10.8 | 4.10.8 | Jul 25, 2023 | Strapi is an open-source headless content management system. Prior to version 4.10.8, anyone (Strapi developers, users, plugins) can make every attribute of a Content-Type public without knowing it. The vulnerability only affects the handling of content types by Strapi, not the a |
- CVE-2023-34235Jul 25, 2023affected < 4.10.8fixed 4.10.8
Strapi is an open-source headless content management system. Prior to version 4.10.8, it is possible to leak private fields if one is using the `t(number)` prefix. Knex query allows users to change the default prefix. For example, if someone changes the prefix to be the same as i
- CVE-2023-34093Jul 25, 2023affected < 4.10.8fixed 4.10.8
Strapi is an open-source headless content management system. Prior to version 4.10.8, anyone (Strapi developers, users, plugins) can make every attribute of a Content-Type public without knowing it. The vulnerability only affects the handling of content types by Strapi, not the a