CVE-2022-3225: Budibase Improper Control of Dynamically-Managed Code Resources vulnerability

September 17, 2022 (updated February 27, 2026)

Improper Control of Dynamically-Managed Code Resources in GitHub repository budibase/budibase prior to 1.3.20.

References

github.com/Budibase/budibase/releases/tag/v1.3.20
github.com/advisories/GHSA-x92g-49gh-63qm
github.com/budibase/budibase
github.com/budibase/budibase/commit/d35864be0854216693a01307f81ffcabf6d549df
huntr.dev/bounties/a13a56b7-04da-4560-b8ec-0d637d12a245
nvd.nist.gov/vuln/detail/CVE-2022-3225

Code Behaviors & Features

Detect and mitigate CVE-2022-3225 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →