Description
he Nuxt dev server between versions 3.4.0 and 3.4.3 is vulnerable to code injection when it is exposed publicly.
Recommendation
Update the nuxt package to the latest compatible version. Followings are version details:
- Affected version(s): >= 3.4.0, < 3.4.3
- Patched version(s): 3.4.3
References
Related Issues
- FUXA SQL Injection vulnerability - fuxa-server - CVE-2023-31719
- FUXA SQL Injection vulnerability - CVE-2023-31717
- squirrelly Code Injection vulnerability - CVE-2024-40453
- CouchAuth host header injection vulnerability leaks the password reset token - CVE-2023-39655
You might also like:
- Tags:
- npm
- nuxt
Anything's wrong? Let us know Last updated on November 18, 2024


