2 matches found
CVE-2026-45028
Astro is a web framework. Astro versions prior to 6.1.10 used AES-GCM encryption to protect the confidentiality and integrity of server island props and slots parameters, but did not bind the ciphertext to its intended component or parameter type. An attacker could replay one component's encrypte...
@stnd/build (=0.18.70), saku-doc (>=0.0.1 <=0.0.4) +1 more potentially affected by CVE-2026-45028 via astro (>=6.0.0-beta.1 <=6.0.4)
astro NPM version =6.0.0-beta.1, =0.0.1, =0.0.4 - stnd =0.18.70 Source cves: CVE-2026-45028 Source advisory: SNYK:JS-ASTRO-16643260...