Lucene search
K

9 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/12/29 1:44 p.m.8 views

Security Bulletin: IBM Edge Data Collector uses webpack-dev-server - 4.15.2 which is vulnerable to CVE-2025-30360.

Summary IBM Edge Data Collector uses webpack-dev-server - 4.15.2 which is vulnerable to CVE-2025-30360. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2025-30360 DESCRIPTION: webpack-dev-server allows users to use webpack with a development server...

6.5CVSS7.3AI score0.00289EPSS
Exploits1Affected Software1
Wolfi
Wolfi
added 2025/07/02 1:46 a.m.11 views

CVE-2025-30360 vulnerabilities

Vulnerabilities for packages: argo-workflows...

6.5CVSS7.7AI score0.00289EPSS
Exploits1
Chainguard
Chainguard
added 2025/07/02 1:16 a.m.9 views

CVE-2025-30360 vulnerabilities

Vulnerabilities for packages: argo-workflows...

6.5CVSS7.5AI score0.00289EPSS
Exploits1
NVD
NVD
added 2025/06/03 6:15 p.m.28 views

CVE-2025-30360

webpack-dev-server allows users to use webpack with a development server that provides live reloading. Prior to version 5.2.1, webpack-dev-server users' source code may be stolen when you access a malicious web site with non-Chromium based browser. The Origin header is checked to prevent Cross-si...

6.5CVSS0.00289EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/06/03 5:41 p.m.12 views

CVE-2025-30360 webpack-dev-server users' source code may be stolen when they access a malicious web site with non-Chromium based browser

webpack-dev-server allows users to use webpack with a development server that provides live reloading. Prior to version 5.2.1, webpack-dev-server users' source code may be stolen when you access a malicious web site with non-Chromium based browser. The Origin header is checked to prevent Cross-si...

6.5CVSS6.6AI score0.00289EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/06/03 5:41 p.m.71 views

CVE-2025-30360 webpack-dev-server users' source code may be stolen when they access a malicious web site with non-Chromium based browser

webpack-dev-server allows users to use webpack with a development server that provides live reloading. Prior to version 5.2.1, webpack-dev-server users' source code may be stolen when you access a malicious web site with non-Chromium based browser. The Origin header is checked to prevent Cross-si...

6.5CVSS0.00289EPSS
Exploits1References4
OSV
OSV
added 2025/06/03 5:41 p.m.18 views

CVE-2025-30360 webpack-dev-server users' source code may be stolen when they access a malicious web site with non-Chromium based browser

webpack-dev-server allows users to use webpack with a development server that provides live reloading. Prior to version 5.2.1, webpack-dev-server users' source code may be stolen when you access a malicious web site with non-Chromium based browser. The Origin header is checked to prevent Cross-si...

6.5CVSS7.3AI score0.00289EPSS
Exploits1References6
CVE
CVE
added 2025/06/03 5:41 p.m.187 views

CVE-2025-30360

The CVE-2025-30360 entry concerns webpack-dev-server prior to v5.2.1, where an Origin header check for WebSocket connections was insufficient, allowing IP-based origins to access the WebSocket and potentially exfiltrate source code to malicious sites using non-Chromium browsers. The issue is miti...

6.5CVSS6.4AI score0.00289EPSS
Exploits1References4Affected Software1
Circl
Circl
added 2025/06/03 3:55 p.m.21 views

CVE-2025-30360

creationtimestamp| type| source ---|---|--- 2025-06-03 15:55:19+00:00| published-proof-of-concept| https://github.com/webpack/webpack-dev-server/security/advisories/GHSA-9jgg-88mc-972h 2025-06-03 18:11:11+00:00| seen|...

6.5CVSS6.3AI score0.00289EPSS
Exploits1References3
Rows per page
Query Builder