@nuxt/nitro-server Security Advisories - Npm | Ecosyste.ms: Advisories

@nuxt/nitro-server

Nitro server integration for Nuxt

View on github.com · View on npmjs.org

Security Advisories for @nuxt/nitro-server in npm

Moderate

3 days ago

Nuxt's route middleware is not enforced when rendering `.server.vue` pages via `/__nuxt_island/page_*` GSA_kwCzR0hTQS1oZzNmLTI4cmctNGp4as4ABXu0

npm @nuxt/nitro-server, nuxt

Low

13 days ago

Nuxt: `__nuxt_island` endpoint does not bind responses to request props, enabling shared-cache poisoning GSA_kwCzR0hTQS1nOHdqLTNjcjMtNnc3ds4ABXHs

npm @nuxt/nitro-server, nuxt

Potential

Low

9 months ago

Nuxt has Client-Side Path Traversal in Nuxt Island Payload Revival GSA_kwCzR0hTQS1wNmpxLTh2YzQtNzlmNs4ABMUE

npm nuxt

Potential

High

about 1 year ago

Nuxt allows DOS via cache poisoning with payload rendering response GSA_kwCzR0hTQS1qdmhtLWdqcmgtM2g5M84ABFp1

npm nuxt

Potential

Moderate

over 1 year ago

Opening a malicious website while running a Nuxt dev server could allow read-only access to code GSA_kwCzR0hTQS00Z2Y3LWZmOHgtaHE5Oc4ABD1p

npm @nuxt/rspack-builder, @nuxt/webpack-builder

Potential

Moderate

over 1 year ago

Opening a malicious website while running a Nuxt dev server could allow read-only access to code GSA_kwCzR0hTQS0yNDUyLTZ4ajgtamg0N84ABD1o

npm @nuxt/vite-builder

Potential

Critical

almost 2 years ago

Nuxt vulnerable to remote code execution via the browser when running the test locally GSA_kwCzR0hTQS12Nzg0LWZqamgtZjhyNM4AA-Ye

npm nuxt

Potential

Moderate

almost 2 years ago

nuxt vulnerable to Cross-site Scripting in navigateTo if used after SSR GSA_kwCzR0hTQS12ZjZyLTg3cTQtMnZqZs4AA-Yd

npm nuxt

Potential

High

almost 2 years ago

Nuxt Devtools has a Path Traversal: '../filedir' GSA_kwCzR0hTQS1yY3ZnLXJnZjctcHBwds4AA-Yc

npm @nuxt/devtools

Potential

Critical

almost 3 years ago

nuxt Code Injection vulnerability GSA_kwCzR0hTQS1nYzM0LTV2NDMtaDd2OM4AAz0l

npm nuxt

Filter by Severity

Moderate 4 Low 2 High 2 Critical 2