NodeJS/firebase-tools/8.9.2

Command-Line Interface for Firebase

Repo Link: https://www.npmjs.com/package/firebase-tools
License: MIT

1 Security Vulnerabilities

Firebase vulnerable to CRSF attack

Published date: 2024-05-02T15:30:35Z

CVE: CVE-2024-4128

Links:

This vulnerability was a potential CSRF attack. When running the Firebase emulator suite, there is an export endpoint that is used normally to export data from running emulators. If a user was running the emulator and navigated to a malicious website with the exploit on a browser that allowed calls to localhost (ie Chrome before v94), the website could exfiltrate emulator data. We recommend upgrading past version 13.6.0 or commit 068a2b08dc308c7ab4b569617f5fc8821237e3a0.

Affected versions: ["0.0.3", "0.0.5", "0.1.2", "0.1.3", "0.1.4", "0.1.5", "0.1.6", "0.2.0", "0.3.0", "0.5.0", "1.0.1", "1.0.2", "1.1.0", "1.1.2", "1.1.5", "1.2.0", "2.0.2", "2.1.1", "2.2.0", "3.0.4", "3.0.5", "3.0.6", "3.0.7", "3.0.8", "3.1.0", "3.2.0", "3.2.3", "3.6.1", "3.9.2", "3.11.0", "3.12.0", "3.13.0", "3.13.1", "3.14.0", "3.15.0", "3.15.1", "3.15.2", "3.17.2", "3.17.6", "3.17.7", "3.18.4", "3.18.5", "3.19.0", "3.19.3", "4.0.0", "4.0.2", "4.1.0", "4.2.0", "4.2.1", "5.0.0", "5.1.0", "5.1.1", "6.0.1", "6.1.1", "6.1.2", "6.2.0", "6.2.1", "6.2.2", "6.5.0", "6.7.0", "6.7.1", "6.8.0", "6.9.0", "6.9.1", "6.9.2", "6.12.0", "7.0.2", "7.1.0", "7.2.0", "7.2.1", "7.2.2", "7.2.3", "7.3.0", "7.4.0", "7.5.0", "7.6.0", "7.6.2", "7.9.0", "7.12.0", "7.12.1", "7.13.0", "7.16.1", "8.0.0", "8.0.2", "8.1.0", "8.4.0", "8.4.2", "8.5.0", "8.6.0", "8.7.0", "8.8.1", "8.9.0", "8.9.2", "8.10.0", "8.11.1", "8.11.2", "8.13.0", "8.13.1", "8.14.1", "8.15.1", "8.16.1", "8.16.2", "8.20.0", "9.0.0", "9.0.1", "9.1.1", "9.1.2", "9.2.0", "9.2.2", "9.3.0", "9.4.0", "9.5.0", "9.6.1", "9.9.0", "9.10.0", "9.10.1", "9.10.2", "9.11.0", "9.12.0", "0.0.1", "0.0.2", "0.0.4", "0.0.6", "0.1.0", "0.1.1", "0.4.0", "1.0.0", "1.0.3", "1.0.4", "1.0.5", "1.0.6", "1.1.1", "1.1.3", "1.1.4", "1.1.6", "2.0.0", "2.0.1", "2.1.0", "2.2.1", "3.0.0", "3.0.1", "3.0.2", "3.0.3", "3.2.1", "3.2.2", "3.3.0", "3.4.0", "3.5.0", "3.6.0", "3.7.0", "3.8.0", "3.9.0", "3.9.1", "3.10.0", "3.10.1", "3.15.3", "3.15.4", "3.16.0", "3.17.0", "3.17.1", "3.17.3", "3.17.4", "3.17.5", "3.18.0", "3.18.1", "3.18.2", "3.18.3", "3.18.6", "3.19.1", "3.19.2", "4.0.1", "4.0.3", "4.1.1", "4.1.2", "5.0.1", "6.0.0", "6.1.0", "6.3.0", "6.3.1", "6.4.0", "6.5.1", "6.5.2", "6.5.3", "6.6.0", "6.7.2", "6.10.0", "6.11.0", "7.0.0", "7.0.1", "7.1.1", "7.2.4", "7.3.1", "7.3.2", "7.6.1", "7.7.0", "7.8.0", "7.8.1", "7.10.0", "7.11.0", "7.13.1", "7.14.0", "7.15.0", "7.15.1", "7.16.0", "7.16.2", "8.0.1", "8.0.3", "8.1.1", "8.2.0", "8.3.0", "8.4.1", "8.4.3", "8.8.0", "8.9.1", "8.11.0", "8.12.0", "8.12.1", "8.14.0", "8.15.0", "8.16.0", "8.17.0", "8.18.0", "8.18.1", "8.19.0", "9.1.0", "9.2.1", "9.6.0", "9.7.0", "9.8.0", "9.12.1", "9.13.0", "9.13.1", "9.14.0", "9.15.0", "9.15.1", "9.16.0", "9.16.1", "9.16.2", "9.16.3", "9.16.5", "9.16.4", "9.16.6", "9.17.0", "9.18.0", "9.19.0", "9.20.0", "9.21.0", "9.22.0", "9.23.0", "9.23.1", "9.23.2", "10.0.0", "10.0.1", "9.23.3", "10.1.0", "10.1.1", "10.1.2", "10.1.3", "10.1.4", "10.1.5", "10.2.0", "10.2.1", "10.2.2", "10.3.0", "10.3.1", "10.4.0", "10.4.1", "10.4.2", "10.5.0", "10.6.0", "10.7.0", "10.7.1", "10.7.2", "10.8.0", "10.9.0", "10.9.2", "10.9.1", "11.0.0", "11.0.1", "11.1.0", "11.2.0", "11.2.1", "11.2.2", "11.3.0", "11.4.0", "11.4.1", "11.4.2", "11.5.0", "11.6.0", "11.7.0", "11.8.0", "11.8.1", "11.9.0", "11.10.0", "11.10.1-canary.0", "11.10.1-canary.2", "11.10.1-canary.1", "11.11.0", "11.11.1-canary.0", "11.12.0", "11.12.1-canary.0", "11.13.0", "11.14.0", "11.14.1", "11.14.2", "11.14.3-canary.0", "11.14.3", "11.14.4", "11.15.0", "11.16.0", "11.16.1", "11.17.0", "11.18.0", "11.19.0", "11.20.0", "11.21.0", "11.22.0", "11.23.0", "11.23.1", "11.24.0", "11.24.1", "11.25.1", "11.25.0", "11.25.2", "11.25.3", "11.26.0", "11.27.0", "11.28.0", "11.29.0", "11.29.1", "11.30.0", "12.0.0", "12.0.1", "12.1.0", "12.2.0", "12.2.1", "12.3.0", "12.3.1", "12.4.0", "12.4.1", "12.4.2", "12.4.3", "12.4.4", "12.4.5", "12.4.6", "12.4.7", "12.4.8", "12.5.0", "12.5.1", "12.5.2", "12.5.3", "12.5.4", "12.6.0", "12.6.1", "12.6.2", "12.7.0", "12.8.0", "12.8.1", "12.9.0", "12.9.1", "13.0.0-canary.0", "13.0.0", "13.0.1", "13.0.2", "13.0.3", "13.1.0", "13.2.0", "13.2.1", "13.3.0", "13.3.1", "13.4.0", "13.4.1", "13.5.0", "13.5.1", "13.5.2"]

Secure versions: [13.10.0, 13.10.1, 13.10.2, 13.11.0, 13.11.1, 13.11.2, 13.11.3, 13.11.4, 13.12.0, 13.13.0, 13.13.1, 13.13.2, 13.13.3, 13.14.0, 13.14.1, 13.14.2, 13.15.0, 13.15.1, 13.15.2, 13.15.3, 13.15.4, 13.16.0, 13.17.0, 13.18.0, 13.19.0, 13.20.0, 13.20.1, 13.20.2, 13.21.0, 13.22.0, 13.22.1, 13.23.0, 13.23.1, 13.24.0, 13.24.1, 13.24.2, 13.25.0, 13.26.0, 13.27.0, 13.28.0, 13.29.0, 13.29.1, 13.29.2, 13.29.3, 13.30.0, 13.31.0, 13.31.1, 13.31.2, 13.32.0, 13.33.0, 13.34.0, 13.35.0, 13.35.1, 13.6.0, 13.6.1, 13.7.0, 13.7.1, 13.7.2, 13.7.3, 13.7.4, 13.7.5, 13.8.0, 13.8.1, 13.8.2, 13.8.3, 13.9.0, 14.0.0, 14.0.1, 14.1.0, 14.10.0, 14.10.1, 14.11.0, 14.11.1, 14.11.2, 14.12.0, 14.12.1, 14.13.0, 14.14.0, 14.15.0, 14.15.1, 14.15.2, 14.16.0, 14.17.0, 14.17.1-10-1-preview.0, 14.17.1-9-29-preview.0, 14.17.1-924-preview.0, 14.17.1-925-preview-.0, 14.17.1-925-preview.0, 14.17.1-master.0, 14.18.0, 14.19.0, 14.19.1, 14.2.0, 14.2.1, 14.2.2, 14.3.0, 14.3.1, 14.4.0, 14.5.0, 14.5.1, 14.6.0, 14.7.0, 14.8.0, 14.9.0]

Recommendation: Update to version 14.19.1.

479 Other Versions

Version	License	Security	Released
13.7.1	MIT		2024-04-05 - 18:11	over 1 year
13.7.0	MIT		2024-04-04 - 20:14	over 1 year
13.6.1	MIT		2024-04-02 - 21:58	over 1 year
13.6.0	MIT		2024-03-26 - 23:25	over 1 year
13.5.2	MIT	1	2024-03-19 - 21:48	over 1 year
13.5.1	MIT	1	2024-03-14 - 21:31	over 1 year
13.5.0	MIT	1	2024-03-13 - 22:17	over 1 year
13.4.1	MIT	1	2024-03-07 - 22:45	over 1 year
13.4.0	MIT	1	2024-02-27 - 22:39	over 1 year
13.3.1	MIT	1	2024-02-21 - 22:31	over 1 year
13.3.0	MIT	1	2024-02-14 - 22:58	over 1 year
13.2.1	MIT	1	2024-02-07 - 17:16	over 1 year
13.2.0	MIT	1	2024-02-06 - 22:45	over 1 year
13.1.0	MIT	1	2024-01-24 - 23:14	over 1 year
13.0.3	MIT	1	2024-01-09 - 22:50	over 1 year
13.0.2	MIT	1	2023-12-14 - 22:14	almost 2 years
13.0.1	MIT	1	2023-12-07 - 23:42	almost 2 years
13.0.0	MIT	1	2023-12-06 - 20:24	almost 2 years
13.0.0-canary.0	MIT	1	2023-12-05 - 20:44	almost 2 years
12.9.1	MIT	1	2023-11-15 - 18:03	almost 2 years
12.9.0	MIT	1	2023-11-14 - 22:58	almost 2 years
12.8.1	MIT	1	2023-11-07 - 22:04	almost 2 years
12.8.0	MIT	1	2023-10-31 - 20:10	almost 2 years
12.7.0	MIT	1	2023-10-11 - 22:07	almost 2 years
12.6.2	MIT	1	2023-10-04 - 21:51	about 2 years
12.6.1	MIT	1	2023-09-27 - 20:58	about 2 years
12.6.0	MIT	1	2023-09-26 - 21:51	about 2 years
12.5.4	MIT	1	2023-09-12 - 22:07	about 2 years
12.5.3	MIT	1	2023-09-08 - 17:59	about 2 years
12.5.2	MIT	1	2023-08-24 - 18:49	about 2 years
12.5.1	MIT	1	2023-08-23 - 21:48	about 2 years
12.5.0	MIT	1	2023-08-22 - 20:50	about 2 years
12.4.8	MIT	1	2023-08-15 - 21:27	about 2 years
12.4.7	MIT	1	2023-08-02 - 20:56	about 2 years
12.4.6	MIT	1	2023-07-25 - 21:52	about 2 years
12.4.5	MIT	1	2023-07-19 - 20:41	about 2 years
12.4.4	MIT	1	2023-07-12 - 20:22	about 2 years
12.4.3	MIT	1	2023-07-06 - 20:02	over 2 years
12.4.2	MIT	1	2023-06-28 - 21:22	over 2 years
12.4.1	MIT	1	2023-06-27 - 21:32	over 2 years
12.4.0	MIT	1	2023-06-15 - 20:11	over 2 years
12.3.1	MIT	1	2023-06-06 - 21:18	over 2 years
12.3.0	MIT	1	2023-06-01 - 22:34	over 2 years
12.2.1	MIT	1	2023-05-24 - 21:38	over 2 years
12.2.0	MIT	1	2023-05-23 - 20:59	over 2 years
12.1.0	MIT	1	2023-05-19 - 18:50	over 2 years
12.0.1	MIT	1	2023-05-16 - 19:42	over 2 years
12.0.0	MIT	1	2023-05-09 - 18:53	over 2 years
11.30.0	MIT	1	2023-05-03 - 18:25	over 2 years
11.29.1	MIT	1	2023-04-26 - 22:26	over 2 years