4 matches found
CVE-2025-46332
Flags SDK is an open-source feature flags toolkit for Next.js and SvelteKit. Impacted versions include flags from 3.2.0 and prior and @vercel/flags from 3.1.1 and prior as certain circumstances allows a bad actor with detailed knowledge of the vulnerability to list all flags returned by the flags...
CVE-2025-46332 Information Disclosure via Flags override link
Flags SDK is an open-source feature flags toolkit for Next.js and SvelteKit. Impacted versions include flags from 3.2.0 and prior and @vercel/flags from 3.1.1 and prior as certain circumstances allows a bad actor with detailed knowledge of the vulnerability to list all flags returned by the flags...
CVE-2025-46332 Information Disclosure via Flags override link
Flags SDK is an open-source feature flags toolkit for Next.js and SvelteKit. Impacted versions include flags from 3.2.0 and prior and @vercel/flags from 3.1.1 and prior as certain circumstances allows a bad actor with detailed knowledge of the vulnerability to list all flags returned by the flags...
CVE-2025-46332
The CVE-2025-46332 entry concerns Flags SDK (for Next.js and SvelteKit) with information disclosure via the flags discovery endpoint. Affected: flags <= 3.2.0 and @vercel/flags