soletta-dev-app@0.0.3 vulnerabilities

Soletta Development Application provides a web-based environment where developers can write, visualize, modify, run, test and debug their Soletta FBP programs. The Soletta Development Application is supposed to run on your target board and it then exposes

Direct Vulnerabilities

Known vulnerabilities in the soletta-dev-app package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • C
Arbitrary Code Injection

soletta-dev-app is a Soletta Development Application which provides a web-based environment where developers can write, visualize, modify, run, test and debug their Soletta FBP programs. The Soletta Development Application is supposed to run on your target board and it then exposes.

Affected versions of this package are vulnerable to Arbitrary Code Injection. The package does not validate user input on the /api/service/status API endpoint, passing contents of the service query parameter to an exec call.

How to fix Arbitrary Code Injection?

There is no fixed version for soletta-dev-app.

*