Vulnerability Database

Bower Packages Exposure

Bower is a package manager for the web. It is akin to what npm is to Node.js. It is a simple, lightweight tool that allows you to link to front-end libraries and packages in a directory structure.

Bower artefacts such as bower.json can reveal the presence of internal software dependencies, version, directories and other sensitive information that be used by attackers.

Solution

Ensure that all build artefacts such as bower.json are removed prior to publishing your application.

Ultimate

Enterprise
  • All Tools, Services, and Plans
  • Suitable For Enterprises
  • Single Sign-On Integration, Single Tenant
  • Dedicated Support, Custom Integrations
  • Annual or Monthly, Fixed-cost Billing