29 matches found
CVE-2026-44589
Nuxt OG Image generates OG Images with Vue templates in Nuxt. The isBlockedUrl denylist introduced in [email protected] to remediate GHSA-pqhr-mp3f-hrpp Dmitry Prokhorov / Positive Technologies, March 2026 is incomplete. It has an incomplete IPv6 prefix list and is missing redirect re-validatio...
CVE-2026-44589
Nuxt OG Image generates OG Images with Vue templates in Nuxt. The isBlockedUrl denylist introduced in [email protected] to remediate GHSA-pqhr-mp3f-hrpp Dmitry Prokhorov / Positive Technologies, March 2026 is incomplete. It has an incomplete IPv6 prefix list and is missing redirect re-validatio...
CVE-2026-44589
Nuxt-og-image (nuxt-og-image) contains an SSRF issue tracked as CVE-2026-44589. The isBlockedUrl validator in [email protected] is incomplete: IPv6 prefix handling is limited (only ::1, fc, fd, fe80) and there is no redirect re-validation, enabling bypass paths such as IPv6-mapped addresses and...
CVE-2026-44589 nuxt-og-image SSRF — bypass of GHSA-pqhr-mp3f-hrpp / v6.2.5 fix (IPv6 + redirect)
Nuxt OG Image generates OG Images with Vue templates in Nuxt. The isBlockedUrl denylist introduced in [email protected] to remediate GHSA-pqhr-mp3f-hrpp Dmitry Prokhorov / Positive Technologies, March 2026 is incomplete. It has an incomplete IPv6 prefix list and is missing redirect re-validatio...
CVE-2026-44589 nuxt-og-image SSRF — bypass of GHSA-pqhr-mp3f-hrpp / v6.2.5 fix (IPv6 + redirect)
Nuxt OG Image generates OG Images with Vue templates in Nuxt. The isBlockedUrl denylist introduced in [email protected] to remediate GHSA-pqhr-mp3f-hrpp Dmitry Prokhorov / Positive Technologies, March 2026 is incomplete. It has an incomplete IPv6 prefix list and is missing redirect re-validatio...
nuxt-og-image 代码问题漏洞
nuxt-og-image is a tool developed by Nuxt Modules for generating social media previews for Nuxt applications. Versions of nuxt-og-image from 6.2.5 to 6.4.9 had code issues and vulnerabilities. These vulnerabilities stemmed from an incomplete blocklist for the isBlockedUrl function, which could le...
Server-side Request Forgery (SSRF)
Overview nuxt-og-image is an Enlightened OG Image generation for Nuxt. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF due to inadequate validation of user-supplied URLs in the isBlockedUrl process. An attacker can access internal network resources or sensitiv...
nuxt-og-image SSRF — bypass of GHSA-pqhr-mp3f-hrpp / v6.2.5 fix (IPv6 + redirect)
Summary The isBlockedUrl denylist introduced in [email protected] to remediate GHSA-pqhr-mp3f-hrpp Dmitry Prokhorov / Positive Technologies, March 2026 is incomplete. The patch advisory states "Decimal/hexadecimal IP encoding bypasses are also handled" — that part is true Node's WHATWG URL pars...
NPM: nuxt-og-image SSRF — bypass of GHSA-pqhr-mp3f-hrpp / v6.2.5 fix (IPv6 + redirect)
NPM: nuxt-og-image SSRF — bypass of GHSA-pqhr-mp3f-hrpp / v6.2.5 fix IPv6 + redirect vulnerability discovered by ? in WordPress Npm nuxt-og-image versions = 6.2.5, 6.4.9...
GHSA-C2RM-G55X-8HR5 nuxt-og-image SSRF — bypass of GHSA-pqhr-mp3f-hrpp / v6.2.5 fix (IPv6 + redirect)
Summary The isBlockedUrl denylist introduced in [email protected] to remediate GHSA-pqhr-mp3f-hrpp Dmitry Prokhorov / Positive Technologies, March 2026 is incomplete. The patch advisory states "Decimal/hexadecimal IP encoding bypasses are also handled" — that part is true Node's WHATWG URL pars...
CVE-2026-34405
Nuxt OG Image generates OG Images with Vue templates in Nuxt. Prior to version 6.2.5, the image‑generation component by the URI: /og/d/ and, in older versions, /og-image/ contains a vulnerability that allows injection of arbitrary attributes into the HTML page body. This issue has been patched in...
Nuxt OG Image is vulnerable to reflected XSS via query parameter injection into HTML attributes
Product: Nuxt OG Image Version: 6.1.2 CWE-ID: CWE-79: Improper Neutralization of Input During Web Page Generation Description: Incorrect parsing of GET parameters leads to the possibility of HTML injection and JavaScript code injection. Impact: Client-Side JavaScript Execution Exploitation...
@aneoconsultingfr/armonik-docs-theme (>=0.6.0 <=0.6.15), @avion-block/usebootstrap (>=4.0.0 <=4.0.3) +83 more potentially affected by CVE-2026-34405 via nuxt-og-image (>=0.4.7 <=5.1.9)
nuxt-og-image NPM version =0.4.7, =0.6.0, =4.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =0.1.0, =0.1.0, =0.0.1, =1.0.0-29145064.1c5c263, =1.6.0, =21.0.0-beta.12 and more Source cves: CVE-2026-34405 Source advisory: OSV:GHSA-MG36-WVCR-M75H...
Cross-site Scripting (XSS)
Overview nuxt-og-image is an Enlightened OG Image generation for Nuxt. Affected versions of this package are vulnerable to Cross-site Scripting XSS via HTML attributes during image generation. An attacker can execute arbitrary JavaScript code in the context of the user's browser by crafting a...
GHSA-MG36-WVCR-M75H Nuxt OG Image is vulnerable to reflected XSS via query parameter injection into HTML attributes
Product: Nuxt OG Image Version: 6.1.2 CWE-ID: CWE-79: Improper Neutralization of Input During Web Page Generation Description: Incorrect parsing of GET parameters leads to the possibility of HTML injection and JavaScript code injection. Impact: Client-Side JavaScript Execution Exploitation...
Nuxt OG Image vulnerable to Server-Side Request Forgery via user-controlled parameters
Product: Nuxt OG Image Version: injection via html parameter GET /og/d/og.png?html= When verbose errors are enabled, the response content is leaked in base64-encoded error messages. Vector 3: SVG injection via html parameter GET /og/d/og.png?html= Mitigation Fixed in v6.2.5. The image source plug...
@aneoconsultingfr/armonik-docs-theme (>=0.6.0 <=0.6.15), @avion-block/usebootstrap (>=4.0.0 <=4.0.3) +83 more potentially affected by unknown CVE via nuxt-og-image (>=0.4.7 <=5.1.9)
nuxt-og-image NPM version =0.4.7, =0.6.0, =4.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =0.1.0, =0.1.0, =0.0.1, =1.0.0-29145064.1c5c263, =1.6.0, =21.0.0-beta.12 and more Source cves: unknown CVE Source advisory: OSV:GHSA-PQHR-MP3F-HRPP...
Server-side Request Forgery (SSRF)
Overview nuxt-og-image is an Enlightened OG Image generation for Nuxt. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via user-controlled parameters in the /og/d/ endpoint. An attacker can access internal network resources or sensitive data by injecting craft...
GHSA-PQHR-MP3F-HRPP Nuxt OG Image vulnerable to Server-Side Request Forgery via user-controlled parameters
Product: Nuxt OG Image Version: injection via html parameter GET /og/d/og.png?html= When verbose errors are enabled, the response content is leaked in base64-encoded error messages. Vector 3: SVG injection via html parameter GET /og/d/og.png?html= Mitigation Fixed in v6.2.5. The image source plug...
Nuxt OG Image is vulnerable to Denial of Service via unbounded image dimensions
Product: Nuxt OG Image Version: 6.1.2 CWE-ID: CWE-404: Improper Resource Shutdown or Release Description: Failure to limit the length and width of the generated image results in a denial of service. Impact: Denial of service Exploitation condition: An external user Mitigation: Implement a...