Lucene search
K

6 matches found

Vulnrichment
Vulnrichment
added 2026/05/13 3:50 p.m.5 views

CVE-2026-45028 Astro: Server island encrypted parameters vulnerable to cross-component replay

Astro is a web framework. Astro versions prior to 6.1.10 used AES-GCM encryption to protect the confidentiality and integrity of server island props and slots parameters, but did not bind the ciphertext to its intended component or parameter type. An attacker could replay one component's encrypte...

6.3CVSS5.8AI score0.00144EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/13 3:50 p.m.39 views

CVE-2026-45028 Astro: Server island encrypted parameters vulnerable to cross-component replay

Astro is a web framework. Astro versions prior to 6.1.10 used AES-GCM encryption to protect the confidentiality and integrity of server island props and slots parameters, but did not bind the ciphertext to its intended component or parameter type. An attacker could replay one component's encrypte...

6.3CVSS0.00144EPSS
Exploits0References3
Patchstack
Patchstack
added 2026/05/13 1:36 a.m.11 views

NPM: Astro: Server island encrypted parameters vulnerable to cross-component replay

NPM: Astro: Server island encrypted parameters vulnerable to cross-component replay vulnerability discovered by ? in WordPress Npm astro versions 6.1.10...

6.3CVSS5.8AI score0.00144EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/05/13 1:36 a.m.7 views

GHSA-XR5H-PHRJ-8VXV Astro: Server island encrypted parameters vulnerable to cross-component replay

Impact Astro versions prior to 6.1.10 used AES-GCM encryption to protect the confidentiality and integrity of server island props and slots parameters, but did not bind the ciphertext to its intended component or parameter type. An attacker could replay one component's encrypted props p value as...

6.3CVSS5.8AI score0.00144EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/13 1:36 a.m.7 views

EUVD-2026-30054

Astro: Server island encrypted parameters vulnerable to cross-component replay...

6.3CVSS5.8AI score0.00144EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/05/13 1:36 a.m.11 views

Astro: Server island encrypted parameters vulnerable to cross-component replay

Impact Astro versions prior to 6.1.10 used AES-GCM encryption to protect the confidentiality and integrity of server island props and slots parameters, but did not bind the ciphertext to its intended component or parameter type. An attacker could replay one component's encrypted props p value as...

6.3CVSS5.8AI score0.00144EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder