15 matches found
Security Bulletin: A vite-7.1.5.tgz vulnerability found by Scanner affects IBM Rational Functional Tester / DevOps Test UI
Summary There is a vulnerability in vite-7.1.5.tgz used by Rational Functional Tester RFT / DevOps Test UI Test UI. RFT/Test UI has addressed the applicable CVE Vulnerability Details CVEID:CVE-2025-62522 DESCRIPTION: Vite is a frontend tooling framework for JavaScript. In versions from 2.9.18 to...
@angular/build (>=20.1.0 <=20.2.0-next.2), @atomazing-org/super-app-host (>=0.0.4 <=0.0.8) +55 more potentially affected by CVE-2025-62522 via vite (>=7.0.0 <=7.0.6)
vite NPM version =7.0.0, =20.1.0, =0.0.4, =0.2.9, =1.190.0, =0.1.0, =0.0.1750946288791, =0.0.2, =0.0.7, =0.0.2, =0.0.1, =0.1.34, =0.1.35 and more Source cves: CVE-2025-62522 Source advisory: SNYK:JS-VITE-13644406...
@1771technologies/oneplay (>=0.0.1 <=0.0.6), @aicblock/cli (>=1.0.0 <=1.0.1) +170 more potentially affected by CVE-2025-62522 via vite (>=6.0.0 <=6.4.0)
vite NPM version =6.0.0, =0.0.1, =1.0.0, =1.0.0, =0.2.0, =4.25.19-patch.2, =19.1.0, =0.55.0, =0.21.2-4.1, =0.4.2, =0.1.10, =0.0.1, =4.0.0-canary.13656, =4.0.0-canary.13656, =4.0.0-canary.13657 and more Source cves: CVE-2025-62522 Source advisory: SNYK:JS-VITE-13644406...
@adhd/react-hooks (=2.2.1), @aklesky/vite-config (>=0.7.9 <=0.9.0) +432 more potentially affected by CVE-2025-62522 via vite (>=5.0.0-beta.0 <=5.4.20)
vite NPM version =5.0.0-beta.0, =0.7.9, =17.1.0, =18.0.0, =1.0.25-beta.0, =0.5.0, =2.0.0-beta.0, =0.22.0, =1.0.1, =1.0.0, =1.0.0, =1.0.64 and more Source cves: CVE-2025-62522 Source advisory: SNYK:JS-VITE-13644406...
@angular/build (>=20.2.0-next.3 <=21.0.0-next.8), @brendonovich/solidjs__start (>=0.0.0 <=0.0.3) +8 more potentially affected by CVE-2025-62522 via vite (>=7.1.0 <=7.1.10)
vite NPM version =7.1.0, =20.2.0-next.3, =0.0.0, =2.20.3, =2.20.3, =0.0.12, =2.2.17, =2.2.17, =1.0.0, =2.20.3, =0.25.0-alpha.0, =0.25.0-alpha.1 Source cves: CVE-2025-62522 Source advisory: SNYK:JS-VITE-13644406...
org.webjars.npm:vitepress (=1.0.0-draft.8) potentially affected by CVE-2025-62522 via org.webjars.npm:vite (=3.0.0-beta.9)
org.webjars.npm:vite MAVEN version =3.0.0-beta.9 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.npm:vite and may be impacted: - org.webjars.npm:vitepress =1.0.0-draft.8 Source cves: CVE-2025-62522 Source advisory:...
CVE-2025-62522 vite allows server.fs.deny bypass via backslash on Windows
Vite is a frontend tooling framework for JavaScript. In versions from 2.9.18 to before 3.0.0, 3.2.9 to before 4.0.0, 4.5.3 to before 5.0.0, 5.2.6 to before 5.4.21, 6.0.0 to before 6.4.1, 7.0.0 to before 7.0.8, and 7.1.0 to before 7.1.11, files denied by server.fs.deny were sent if the URL ended...
CVE-2025-62522 vite allows server.fs.deny bypass via backslash on Windows
Vite is a frontend tooling framework for JavaScript. In versions from 2.9.18 to before 3.0.0, 3.2.9 to before 4.0.0, 4.5.3 to before 5.0.0, 5.2.6 to before 5.4.21, 6.0.0 to before 6.4.1, 7.0.0 to before 7.0.8, and 7.1.0 to before 7.1.11, files denied by server.fs.deny were sent if the URL ended...
128981semzub (=1.0.1), 1food-menu (>=0.0.1 <=0.3.7) +5333 more potentially affected by CVE-2025-62522 via vite (>=2.9.18 <=5.4.20)
vite NPM version =2.9.18, =0.0.1, =1.0.0, =1.0.0, =2.0.3, =0.0.1, =0.0.1, =0.0.7, =4.0.61, =4.0.61, =4.0.61, =4.0.84 and more Source cves: CVE-2025-62522 Source advisory: OSV:GHSA-93M4-6634-74Q7...
@angular/build (>=20.2.0-next.3 <=21.0.0-next.8), @brendonovich/solidjs__start (>=0.0.0 <=0.0.3) +8 more potentially affected by CVE-2025-62522 via vite (>=7.1.0 <=7.1.10)
vite NPM version =7.1.0, =20.2.0-next.3, =0.0.0, =2.20.3, =2.20.3, =0.0.12, =2.2.17, =2.2.17, =1.0.0, =2.20.3, =0.25.0-alpha.0, =0.25.0-alpha.1 Source cves: CVE-2025-62522 Source advisory: OSV:GHSA-93M4-6634-74Q7...
@angular/build (>=20.1.0 <=20.2.0-next.2), @atomazing-org/super-app-host (>=0.0.4 <=0.0.8) +55 more potentially affected by CVE-2025-62522 via vite (>=7.0.0 <=7.0.6)
vite NPM version =7.0.0, =20.1.0, =0.0.4, =0.2.9, =1.190.0, =0.1.0, =0.0.1750946288791, =0.0.2, =0.0.7, =0.0.2, =0.0.1, =0.1.34, =0.1.35 and more Source cves: CVE-2025-62522 Source advisory: OSV:GHSA-93M4-6634-74Q7...
@1771technologies/oneplay (>=0.0.1 <=0.0.6), @aicblock/cli (>=1.0.0 <=1.0.1) +170 more potentially affected by CVE-2025-62522 via vite (>=6.0.0 <=6.4.0)
vite NPM version =6.0.0, =0.0.1, =1.0.0, =1.0.0, =0.2.0, =4.25.19-patch.2, =19.1.0, =0.55.0, =0.21.2-4.1, =0.4.2, =0.1.10, =0.0.1, =4.0.0-canary.13656, =4.0.0-canary.13656, =4.0.0-canary.13657 and more Source cves: CVE-2025-62522 Source advisory: OSV:GHSA-93M4-6634-74Q7...
@adhd/react-hooks (=2.2.1), @aklesky/vite-config (>=0.7.9 <=0.9.0) +466 more potentially affected by CVE-2025-62522 via vite (>=4.5.3 <=5.4.20)
vite NPM version =4.5.3, =0.7.9, =16.0.0, =16.0.0, =16.2.14, =18.0.0, =1.0.25-beta.0, =0.1.26, =0.1.25, =0.1.30, =0.1.32, =0.5.0, =0.5.5 - @avorati/strapi-plugin-preview =1.0.1 - @beardeddudes/strapi-types =0.1.1 and more Source cves: CVE-2025-62522 Source advisory: OSV:GHSA-93M4-6634-74Q7...
@angular-devkit/build-angular (>=17.3.12 <=17.3.15), @angular/build (>=18.1.0 <=19.0.7) +167 more potentially affected by CVE-2025-62522 via vite (>=5.2.6 <=5.4.20)
vite NPM version =5.2.6, =17.3.12, =18.1.0, =2.0.0-beta.3, =0.36.1, =0.1.2, =5.30.1, =0.9.1-next.19, =0.9.1-next.19, =0.9.1-next.19, =0.0.4, =0.21.1, =1.0.375, =1.0.409 - @cotofe/appkit-cdn =2.0.0 - @curatorjs/bridge =0.1.0 and more Source cves: CVE-2025-62522 Source advisory:...
128981semzub (=1.0.1), 1food-menu (>=0.3.0 <=0.3.7) +3488 more potentially affected by CVE-2025-62522 via vite (>=4.0.0-beta.0 <=5.4.20)
vite NPM version =4.0.0-beta.0, =0.3.0, =1.0.0, =2.0.3, =0.0.1, =0.0.1, =0.0.7, =4.0.61, =4.0.61, =4.0.61, =4.0.61, =0.0.1, =0.0.3 and more Source cves: CVE-2025-62522 Source advisory: OSV:GHSA-93M4-6634-74Q7...