NodeJS/firebase-tools/3.18.5

Command-Line Interface for Firebase

Repo Link: https://www.npmjs.com/package/firebase-tools
License: MIT

1 Security Vulnerabilities

Firebase vulnerable to CRSF attack

Published date: 2024-05-02T15:30:35Z

CVE: CVE-2024-4128

Links:

This vulnerability was a potential CSRF attack. When running the Firebase emulator suite, there is an export endpoint that is used normally to export data from running emulators. If a user was running the emulator and navigated to a malicious website with the exploit on a browser that allowed calls to localhost (ie Chrome before v94), the website could exfiltrate emulator data. We recommend upgrading past version 13.6.0 or commit 068a2b08dc308c7ab4b569617f5fc8821237e3a0.

Affected versions: ["0.0.3", "0.0.5", "0.1.2", "0.1.3", "0.1.4", "0.1.5", "0.1.6", "0.2.0", "0.3.0", "0.5.0", "1.0.1", "1.0.2", "1.1.0", "1.1.2", "1.1.5", "1.2.0", "2.0.2", "2.1.1", "2.2.0", "3.0.4", "3.0.5", "3.0.6", "3.0.7", "3.0.8", "3.1.0", "3.2.0", "3.2.3", "3.6.1", "3.9.2", "3.11.0", "3.12.0", "3.13.0", "3.13.1", "3.14.0", "3.15.0", "3.15.1", "3.15.2", "3.17.2", "3.17.6", "3.17.7", "3.18.4", "3.18.5", "3.19.0", "3.19.3", "4.0.0", "4.0.2", "4.1.0", "4.2.0", "4.2.1", "5.0.0", "5.1.0", "5.1.1", "6.0.1", "6.1.1", "6.1.2", "6.2.0", "6.2.1", "6.2.2", "6.5.0", "6.7.0", "6.7.1", "6.8.0", "6.9.0", "6.9.1", "6.9.2", "6.12.0", "7.0.2", "7.1.0", "7.2.0", "7.2.1", "7.2.2", "7.2.3", "7.3.0", "7.4.0", "7.5.0", "7.6.0", "7.6.2", "7.9.0", "7.12.0", "7.12.1", "7.13.0", "7.16.1", "8.0.0", "8.0.2", "8.1.0", "8.4.0", "8.4.2", "8.5.0", "8.6.0", "8.7.0", "8.8.1", "8.9.0", "8.9.2", "8.10.0", "8.11.1", "8.11.2", "8.13.0", "8.13.1", "8.14.1", "8.15.1", "8.16.1", "8.16.2", "8.20.0", "9.0.0", "9.0.1", "9.1.1", "9.1.2", "9.2.0", "9.2.2", "9.3.0", "9.4.0", "9.5.0", "9.6.1", "9.9.0", "9.10.0", "9.10.1", "9.10.2", "9.11.0", "9.12.0", "0.0.1", "0.0.2", "0.0.4", "0.0.6", "0.1.0", "0.1.1", "0.4.0", "1.0.0", "1.0.3", "1.0.4", "1.0.5", "1.0.6", "1.1.1", "1.1.3", "1.1.4", "1.1.6", "2.0.0", "2.0.1", "2.1.0", "2.2.1", "3.0.0", "3.0.1", "3.0.2", "3.0.3", "3.2.1", "3.2.2", "3.3.0", "3.4.0", "3.5.0", "3.6.0", "3.7.0", "3.8.0", "3.9.0", "3.9.1", "3.10.0", "3.10.1", "3.15.3", "3.15.4", "3.16.0", "3.17.0", "3.17.1", "3.17.3", "3.17.4", "3.17.5", "3.18.0", "3.18.1", "3.18.2", "3.18.3", "3.18.6", "3.19.1", "3.19.2", "4.0.1", "4.0.3", "4.1.1", "4.1.2", "5.0.1", "6.0.0", "6.1.0", "6.3.0", "6.3.1", "6.4.0", "6.5.1", "6.5.2", "6.5.3", "6.6.0", "6.7.2", "6.10.0", "6.11.0", "7.0.0", "7.0.1", "7.1.1", "7.2.4", "7.3.1", "7.3.2", "7.6.1", "7.7.0", "7.8.0", "7.8.1", "7.10.0", "7.11.0", "7.13.1", "7.14.0", "7.15.0", "7.15.1", "7.16.0", "7.16.2", "8.0.1", "8.0.3", "8.1.1", "8.2.0", "8.3.0", "8.4.1", "8.4.3", "8.8.0", "8.9.1", "8.11.0", "8.12.0", "8.12.1", "8.14.0", "8.15.0", "8.16.0", "8.17.0", "8.18.0", "8.18.1", "8.19.0", "9.1.0", "9.2.1", "9.6.0", "9.7.0", "9.8.0", "9.12.1", "9.13.0", "9.13.1", "9.14.0", "9.15.0", "9.15.1", "9.16.0", "9.16.1", "9.16.2", "9.16.3", "9.16.5", "9.16.4", "9.16.6", "9.17.0", "9.18.0", "9.19.0", "9.20.0", "9.21.0", "9.22.0", "9.23.0", "9.23.1", "9.23.2", "10.0.0", "10.0.1", "9.23.3", "10.1.0", "10.1.1", "10.1.2", "10.1.3", "10.1.4", "10.1.5", "10.2.0", "10.2.1", "10.2.2", "10.3.0", "10.3.1", "10.4.0", "10.4.1", "10.4.2", "10.5.0", "10.6.0", "10.7.0", "10.7.1", "10.7.2", "10.8.0", "10.9.0", "10.9.2", "10.9.1", "11.0.0", "11.0.1", "11.1.0", "11.2.0", "11.2.1", "11.2.2", "11.3.0", "11.4.0", "11.4.1", "11.4.2", "11.5.0", "11.6.0", "11.7.0", "11.8.0", "11.8.1", "11.9.0", "11.10.0", "11.10.1-canary.0", "11.10.1-canary.2", "11.10.1-canary.1", "11.11.0", "11.11.1-canary.0", "11.12.0", "11.12.1-canary.0", "11.13.0", "11.14.0", "11.14.1", "11.14.2", "11.14.3-canary.0", "11.14.3", "11.14.4", "11.15.0", "11.16.0", "11.16.1", "11.17.0", "11.18.0", "11.19.0", "11.20.0", "11.21.0", "11.22.0", "11.23.0", "11.23.1", "11.24.0", "11.24.1", "11.25.1", "11.25.0", "11.25.2", "11.25.3", "11.26.0", "11.27.0", "11.28.0", "11.29.0", "11.29.1", "11.30.0", "12.0.0", "12.0.1", "12.1.0", "12.2.0", "12.2.1", "12.3.0", "12.3.1", "12.4.0", "12.4.1", "12.4.2", "12.4.3", "12.4.4", "12.4.5", "12.4.6", "12.4.7", "12.4.8", "12.5.0", "12.5.1", "12.5.2", "12.5.3", "12.5.4", "12.6.0", "12.6.1", "12.6.2", "12.7.0", "12.8.0", "12.8.1", "12.9.0", "12.9.1", "13.0.0-canary.0", "13.0.0", "13.0.1", "13.0.2", "13.0.3", "13.1.0", "13.2.0", "13.2.1", "13.3.0", "13.3.1", "13.4.0", "13.4.1", "13.5.0", "13.5.1", "13.5.2"]

Secure versions: [13.10.0, 13.10.1, 13.10.2, 13.11.0, 13.11.1, 13.11.2, 13.11.3, 13.11.4, 13.12.0, 13.13.0, 13.13.1, 13.13.2, 13.13.3, 13.14.0, 13.14.1, 13.14.2, 13.15.0, 13.15.1, 13.15.2, 13.15.3, 13.15.4, 13.16.0, 13.17.0, 13.18.0, 13.19.0, 13.20.0, 13.20.1, 13.20.2, 13.21.0, 13.22.0, 13.22.1, 13.23.0, 13.23.1, 13.24.0, 13.24.1, 13.24.2, 13.25.0, 13.26.0, 13.27.0, 13.28.0, 13.29.0, 13.29.1, 13.29.2, 13.29.3, 13.30.0, 13.31.0, 13.31.1, 13.31.2, 13.32.0, 13.33.0, 13.34.0, 13.35.0, 13.35.1, 13.6.0, 13.6.1, 13.7.0, 13.7.1, 13.7.2, 13.7.3, 13.7.4, 13.7.5, 13.8.0, 13.8.1, 13.8.2, 13.8.3, 13.9.0, 14.0.0, 14.0.1, 14.1.0, 14.10.0, 14.10.1, 14.11.0, 14.11.1, 14.11.2, 14.12.0, 14.12.1, 14.13.0, 14.14.0, 14.15.0, 14.15.1, 14.15.2, 14.16.0, 14.17.0, 14.17.1-10-1-preview.0, 14.17.1-9-29-preview.0, 14.17.1-924-preview.0, 14.17.1-925-preview-.0, 14.17.1-925-preview.0, 14.17.1-master.0, 14.18.0, 14.19.0, 14.19.1, 14.2.0, 14.2.1, 14.2.2, 14.3.0, 14.3.1, 14.4.0, 14.5.0, 14.5.1, 14.6.0, 14.7.0, 14.8.0, 14.9.0]

Recommendation: Update to version 14.19.1.

479 Other Versions

Version	License	Security	Released
8.4.2	MIT	1	2020-06-05 - 20:13	over 5 years
8.4.1	MIT	1	2020-05-28 - 21:30	over 5 years
8.4.0	MIT	1	2020-05-21 - 18:23	over 5 years
8.3.0	MIT	1	2020-05-18 - 19:18	over 5 years
8.2.0	MIT	1	2020-04-27 - 18:32	over 5 years
8.1.1	MIT	1	2020-04-17 - 21:01	over 5 years
8.1.0	MIT	1	2020-04-16 - 19:25	over 5 years
8.0.3	MIT	1	2020-04-13 - 19:02	over 5 years
8.0.2	MIT	1	2020-04-06 - 23:14	over 5 years
8.0.1	MIT	1	2020-04-02 - 23:11	over 5 years
8.0.0	MIT	1	2020-03-31 - 20:06	over 5 years
7.16.2	MIT	1	2020-03-30 - 19:09	over 5 years
7.16.1	MIT	1	2020-03-24 - 23:41	over 5 years
7.16.0	MIT	1	2020-03-23 - 21:47	over 5 years
7.15.1	MIT	1	2020-03-17 - 02:54	over 5 years
7.15.0	MIT	1	2020-03-13 - 00:11	over 5 years
7.14.0	MIT	1	2020-02-26 - 22:02	over 5 years
7.13.1	MIT	1	2020-02-18 - 17:21	over 5 years
7.13.0	MIT	1	2020-02-12 - 18:11	over 5 years
7.12.1	MIT	1	2020-01-14 - 23:38	over 5 years
7.12.0	MIT	1	2020-01-13 - 17:21	over 5 years
7.11.0	MIT	1	2019-12-18 - 22:32	almost 6 years
7.10.0	MIT	1	2019-12-12 - 18:12	almost 6 years
7.9.0	MIT	1	2019-12-04 - 17:43	almost 6 years
7.8.1	MIT	1	2019-11-20 - 22:37	almost 6 years
7.8.0	MIT	1	2019-11-19 - 00:04	almost 6 years
7.7.0	MIT	1	2019-11-07 - 23:20	almost 6 years
7.6.2	MIT	1	2019-10-28 - 23:10	almost 6 years
7.6.1	MIT	1	2019-10-17 - 17:15	almost 6 years
7.6.0	MIT	1	2019-10-15 - 22:31	almost 6 years
7.5.0	MIT	1	2019-10-08 - 16:54	about 6 years
7.4.0	MIT	1	2019-09-25 - 20:04	about 6 years
7.3.2	MIT	1	2019-09-12 - 00:14	about 6 years
7.3.1	MIT	1	2019-09-03 - 23:19	about 6 years
7.3.0	MIT	1	2019-08-27 - 15:33	about 6 years
7.2.4	MIT	1	2019-08-20 - 00:34	about 6 years
7.2.3	MIT	1	2019-08-19 - 18:33	about 6 years
7.2.2	MIT	1	2019-07-30 - 22:24	about 6 years
7.2.1	MIT	1	2019-07-26 - 00:12	about 6 years
7.2.0	MIT	1	2019-07-24 - 16:35	about 6 years
7.1.1	MIT	1	2019-07-17 - 20:45	about 6 years
7.1.0	MIT	1	2019-07-11 - 21:54	about 6 years
7.0.2	MIT	1	2019-06-25 - 20:48	over 6 years
7.0.1	MIT	1	2019-06-20 - 16:37	over 6 years
7.0.0	MIT	1	2019-06-12 - 22:45	over 6 years
6.12.0	MIT	1	2019-06-12 - 18:43	over 6 years
6.11.0	MIT	1	2019-06-04 - 17:38	over 6 years
6.10.0	MIT	1	2019-05-17 - 21:22	over 6 years
6.9.2	MIT	1	2019-05-10 - 23:15	over 6 years
6.9.1	MIT	1	2019-05-08 - 17:50	over 6 years