Ecosyste.ms: Packages

An open API service providing package, version and dependency metadata of many open source software ecosystems and registries.

Top 0.5% on npmjs.org
Top 0.4% downloads on npmjs.org
Top 1.0% dependent packages on npmjs.org
Top 0.4% dependent repos on npmjs.org
Top 0.4% forks on npmjs.org
Top 0.6% docker downloads on npmjs.org

npmjs.org : @strapi/plugin-users-permissions

Protect your API with a full-authentication process based on JWT

Registry - Source - JSON
purl: pkg:npm/%40strapi/plugin-users-permissions
Keywords: api, cms, cms-framework, content-management, content-management-system, customizable, dashboard, graphql, hacktoberfest, headless-cms, jamstack, javascript, koa, koa2, mysql, no-code, nodejs, rest, strapi, typescript
License: ICU
Latest release: 3 days ago
First release: about 1 year ago
Namespace: strapi
Dependent packages: 34
Dependent repositories: 2,929
Downloads: 399,710 last month
Stars: 60,269 on GitHub
Forks: 7,540 on GitHub
Docker dependents: 187
Docker downloads: 229,112
Total Commits: 22974
Committers: 1073
Average commits per author: 21.411
Development Distribution Score (DDS): 0.847
More commit stats: commits.ecosyste.ms
See more repository details: repos.ecosyste.ms
Funding links: https://opencollective.com/strapi
Last synced: about 22 hours ago

High
GSA_kwCzR0hTQS14djNxLWpybW0tNGZ4ds4AAy3O
Authentication Bypass in @strapi/plugin-users-permissions
Ecosystems: npm
Packages: @strapi/plugin-users-permissions
Source: github
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS01ODN4LTIzaDktZjV3N84AAy3y
Strapi does not verify the access or ID tokens issued during the OAuth flow
Ecosystems: npm
Packages: @strapi/plugin-users-permissions
Source: github
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS0yaDg3LTRxMnctdjRoZs4AAy4o
Strapi plugins vulnerable to Server-Side Template Injection and Remote Code Execution in the Users-Permissions Plugin
Ecosystems: npm
Packages: @strapi/plugin-email, @strapi/plugin-users-permissions
Source: github
Published: about 1 year ago
High
GSA_kwCzR0hTQS1nYzdwLWo1eG0teHhoMs4AA26o
Unauthorized Access to Private Fields in User Registration API
Ecosystems: npm
Packages: @strapi/strapi, @strapi/plugin-users-permissions
Source: github
Published: 6 months ago
High
GSA_kwCzR0hTQS0yNHEyLTU5aG0tcmg5cs4AA12t
Strapi Improper Rate Limiting vulnerability
Ecosystems: npm
Packages: @strapi/plugin-users-permissions, @strapi/admin
Source: github
Published: 8 months ago