4 matches found
CVE-2024-56159
Astro is a web framework for content-driven websites. A bug in the build process allows any unauthenticated user to read parts of the server source code. During build, along with client assets such as css and font files, the sourcemap files for the server code are moved to a publicly-accessible...
CVE-2024-56159 Server source code is exposed to the public if sourcemaps are enabled
Astro is a web framework for content-driven websites. A bug in the build process allows any unauthenticated user to read parts of the server source code. During build, along with client assets such as css and font files, the sourcemap files for the server code are moved to a publicly-accessible...
CVE-2024-56159 Server source code is exposed to the public if sourcemaps are enabled
Astro is a web framework for content-driven websites. A bug in the build process allows any unauthenticated user to read parts of the server source code. During build, along with client assets such as css and font files, the sourcemap files for the server code are moved to a publicly-accessible...
@volpe/astro-utils (>=0.0.1 <=0.0.20), astro-npm-loader (>=0.0.1 <=0.1.2) potentially affected by CVE-2024-56159 via astro (=5.0.0-beta.5)
astro NPM version =5.0.0-beta.5 is affected by a known vulnerability. The following packages have a transitive dependency on astro and may be impacted: - @volpe/astro-utils =0.0.1, =0.0.1, =0.1.2 Source cves: CVE-2024-56159 Source advisory: OSV:GHSA-49W6-73CW-CHJR...