2 matches found
@semic/testing (=2.2.11) potentially affected by CVE-2024-48914 via @vendure/asset-server-plugin (=3.0.0)
@vendure/asset-server-plugin NPM version =3.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on @vendure/asset-server-plugin and may be impacted: - @semic/testing =2.2.11 Source cves: CVE-2024-48914 Source advisory: OSV:GHSA-R9MQ-3C9R-FMJQ...
CVE-2024-48914
creationtimestamp| type| source ---|---|--- 2024-10-15 10:56:35+00:00| published-proof-of-concept| https://github.com/vendurehq/vendure/security/advisories/GHSA-r9mq-3c9r-fmjq 2024-10-15 18:36:47+00:00| seen| https://t.me/cvedetector/7927 2024-10-21 10:04:39+00:00| published-proof-of-concept|...