Lucene search
K

5 matches found

vulnersOsv
vulnersOsv
added 2023/06/09 10:52 p.m.4 views

@ableaura/ableui (=0.1.0), @adobe/aio-cli-plugin-doc (=2.1.0) +867 more potentially affected by CVE-2023-34238 via gatsby (>=5.13.7 <=5.8.1)

gatsby NPM version =5.13.7, =2.4.6, =2.4.6, =2.2.27, =0.0.1, =2.0.0, =11.0.1, =1.0.0, =1.0.0, =7.0.0, =0.0.1, =0.0.1, =0.0.13 and more Source cves: CVE-2023-34238 Source advisory: OSV:GHSA-C6F8-8R25-C4GC...

5.3CVSS6AI score0.0091EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2023/06/07 11:24 p.m.9 views

CVE-2023-34238 Local File Inclusion vulnerability in Gatsby

Gatsby is a free and open source framework based on React. The Gatsby framework prior to versions 4.25.7 and 5.9.1 contain a Local File Inclusion vulnerability in the file-code-frame and original-stack-frame paths, exposed when running the Gatsby develop server gatsby develop. Any file in scope o...

4.3CVSS5.2AI score0.0091EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/06/07 12:0 a.m.10 views

gatsby 路径遍历漏洞

gatsby is a software application. A free open source framework based on React that helps developers build extremely fast websites and applications. A path traversal vulnerability exists in Gatsby versions prior to 4.25.7 and prior to 5.9.1, which stems from a local file inclusion vulnerability in...

5.3CVSS5.6AI score0.0091EPSS
Exploits1References5
CNNVD
CNNVD
added 2023/01/13 12:0 a.m.4 views

gatsby 跨站脚本漏洞

gatsby is a software application. A free open source framework based on React that helps developers build extremely fast websites and applications. A cross-site scripting vulnerability exists in gatsby versions prior to 5.25.1 and 6.x prior to 6.3.2, which stems from a lack of cleanup of inputs a...

8.1CVSS6.3AI score0.00613EPSS
Exploits1References2
Veracode
Veracode
added 2018/01/11 7:44 a.m.13 views

Information Disclosure

gatsby is vulnerable to information disclosure. Absolute paths of the build machine can be leaked in the source map files when gatsby build scripts are executed, exposing sensitive information such as the current user name...

6.2AI score
Exploits0
Rows per page
Query Builder