CVE-2026-31818: Budibase SSRF Vulnerability (< 3.33.4)
Platform
nodejs
Component
@budibase/backend-core
Fixed in
3.33.4
CVE-2026-31818 describes a Server-Side Request Forgery (SSRF) vulnerability affecting Budibase. This flaw allows attackers to make unauthorized requests from the Budibase server, potentially accessing internal resources or external services. Versions of Budibase less than 3.33.4 are affected because the platform's SSRF protection mechanism is rendered ineffective. The vulnerability is fixed in version 3.33.4.
How to fix
No official patch available. Check for workarounds or monitor for updates.
Frequently asked questions
What is CVE-2026-31818?
CVE-2026-31818 is a Server-Side Request Forgery (SSRF) vulnerability in Budibase that allows attackers to make unauthorized requests from the server.
Am I affected by CVE-2026-31818?
You are affected if you are using a Budibase version earlier than 3.33.4. The vulnerability exists due to an ineffective IP blacklist.
How do I fix CVE-2026-31818?
To fix this vulnerability, upgrade your Budibase installation to version 3.33.4 or later. This version includes a patch that corrects the SSRF protection mechanism.
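To answer the "Am I affected" question for a Node.js project, the following added example (not code from Budibase or from this advisory) scans an npm lockfile for installed copies of @budibase/backend-core older than 3.33.4. The lockfile contents are constructed sample data, and counting a pre-release of 3.33.4 as affected is a conservative assumption.

```javascript
// Added example. PACKAGE and FIXED come from this advisory; the rest is illustrative.
const PACKAGE = "@budibase/backend-core";
const FIXED = "3.33.4";

// Parse "MAJOR.MINOR.PATCH[-prerelease][+build]"; returns null if not parseable.
function parseVersion(v) {
  const m = /^v?(\d+)\.(\d+)\.(\d+)(?:-([0-9A-Za-z.-]+))?(?:\+.*)?$/.exec(String(v).trim());
  return m ? { nums: [Number(m[1]), Number(m[2]), Number(m[3])], pre: m[4] || null } : null;
}

// true = older than FIXED, false = FIXED or newer, null = needs manual review.
// Assumption: a pre-release of FIXED (e.g. 3.33.4-alpha.2) is treated as affected.
function isAffected(version, fixed = FIXED) {
  const a = parseVersion(version), b = parseVersion(fixed);
  if (!a || !b) return null;
  for (let i = 0; i < 3; i++) {
    if (a.nums[i] !== b.nums[i]) return a.nums[i] < b.nums[i]; // numeric, not string, compare
  }
  return a.pre !== null && b.pre === null;
}

// Walk the "packages" map of an npm lockfile (lockfileVersion 2 or 3) and report
// every installed copy of PACKAGE, top-level or nested, that is not known-fixed.
function findAffected(lock) {
  const suffix = `node_modules/${PACKAGE}`;
  const findings = [];
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    if (path !== suffix && !path.endsWith(`/${suffix}`)) continue;
    const affected = isAffected(meta.version);
    if (affected !== false) {
      findings.push({ path, version: meta.version, status: affected === null ? "unknown" : "affected" });
    }
  }
  return findings;
}

// Constructed sample lockfile (not real project data).
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    "": { name: "example-app", version: "1.0.0" },
    "node_modules/@budibase/backend-core": { version: "3.33.4" },
    "node_modules/example-plugin/node_modules/@budibase/backend-core": { version: "3.20.1" },
    "node_modules/example-tool/node_modules/@budibase/backend-core": { version: "3.33.4-alpha.2" },
  },
};

console.log(findAffected(SAMPLE_LOCK));
```

To check a real project, replace `SAMPLE_LOCK` with the parsed contents of its `package-lock.json`; nested copies matter because a transitive dependency can pin an older release than the top-level one.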