Описание
vite-plugin-static-copy is rollup-plugin-copy for Vite with dev server support. Files not included in src are accessible with a crafted request. The vulnerability is fixed in 2.3.2 and 3.1.2.
EPSS
Процентиль: 32%
0.00123
Низкий
Дефекты
CWE-22
Связанные уязвимости
CVSS3: 6.5
redhat
4 месяца назад
vite-plugin-static-copy is rollup-plugin-copy for Vite with dev server support. Files not included in src are accessible with a crafted request. The vulnerability is fixed in 2.3.2 and 3.1.2.
github
4 месяца назад
vite-plugin-static-copy files not included in `src` are possible to access with a crafted request
EPSS
Процентиль: 32%
0.00123
Низкий
Дефекты
CWE-22