Lucene search
+L

4 matches found

NVD
NVD
added 2024/12/19 7:15 p.m.28 views

CVE-2024-56159

Astro is a web framework for content-driven websites. A bug in the build process allows any unauthenticated user to read parts of the server source code. During build, along with client assets such as css and font files, the sourcemap files for the server code are moved to a publicly-accessible...

7.8CVSS0.01494EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/12/19 6:58 p.m.22 views

CVE-2024-56159 Server source code is exposed to the public if sourcemaps are enabled

Astro is a web framework for content-driven websites. A bug in the build process allows any unauthenticated user to read parts of the server source code. During build, along with client assets such as css and font files, the sourcemap files for the server code are moved to a publicly-accessible...

7.8CVSS0.01494EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/12/19 6:58 p.m.11 views

CVE-2024-56159 Server source code is exposed to the public if sourcemaps are enabled

Astro is a web framework for content-driven websites. A bug in the build process allows any unauthenticated user to read parts of the server source code. During build, along with client assets such as css and font files, the sourcemap files for the server code are moved to a publicly-accessible...

7.8CVSS6.7AI score0.01494EPSS
Exploits1References4
vulnersOsv
vulnersOsv
added 2024/12/19 3:12 p.m.6 views

@volpe/astro-utils (>=0.0.1 <=0.0.20), astro-npm-loader (>=0.0.1 <=0.1.2) potentially affected by CVE-2024-56159 via astro (=5.0.0-beta.5)

astro NPM version =5.0.0-beta.5 is affected by a known vulnerability. The following packages have a transitive dependency on astro and may be impacted: - @volpe/astro-utils =0.0.1, =0.0.1, =0.1.2 Source cves: CVE-2024-56159 Source advisory: OSV:GHSA-49W6-73CW-CHJR...

7.8CVSS5.8AI score0.01494EPSS
Exploits1
Rows per page
Query Builder