Description
Nuxt is an open-source web development framework for Vue.js. In @nuxt/rspack-builder and @nuxt/webpack-builder from version 3.15.4 before 3.21.7, and from 4.0.0 before 4.4.7, the fix for GHSA-6m52-m754-pw2g was incomplete. When a project uses the webpack or rspack builder, source code can still be stolen during development if the dev server is bound to a non-loopback address (for example with nuxt dev --host) and the developer opens a malicious site on the same network. Both conditions are preconditions of the attack described in the advisory; not passing --host keeps the dev server on loopback and removes the first one. This issue has been patched in versions 3.21.7 and 4.4.7; projects on affected versions should upgrade and, until then, avoid exposing the dev server beyond loopback.
CVSS breakdown
CVSS 4.0 (vector from the metrics below: CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N)
- Attack Vector: Adjacent
- Attack Complexity: High
- Attack Requirements: Present
- Privileges Required: None
- User Interaction: Passive
- Confidentiality (Vulnerable System): High
- Integrity (Vulnerable System): None
- Availability (Vulnerable System): None
- Confidentiality (Subsequent System): None
- Integrity (Subsequent System): None
- Availability (Subsequent System): None
Affected products
- Nuxt / Nuxt: >= 3.15.4, < 3.21.7
- Nuxt / Nuxt: >= 4.0.0, < 4.4.7
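A practitioner triaging this advisory needs two answers: is the installed Nuxt version inside one of the affected ranges above, and is the dev server exposed beyond loopback, which the description names as the other precondition. The following is an added example, not code from the Nuxt project or the advisory. It hard-codes the two ranges listed under Affected products and assumes the value passed to --host (or its absence) is what decides the bind address; the sample versions and hosts at the bottom are constructed, not read from a real project. Pre-release tags are treated as the release they precede (so 4.4.7-rc.1 compares like 4.4.7), which is a simplification of strict semver ordering.

```javascript
// Added example (not Nuxt project code): check whether an installed Nuxt
// version falls inside the ranges the advisory lists as affected, and whether
// the dev server bind address satisfies the advisory's other precondition.
// Ranges taken from the advisory: >= 3.15.4 < 3.21.7 and >= 4.0.0 < 4.4.7.

const AFFECTED_RANGES = [
  { min: [3, 15, 4], maxExclusive: [3, 21, 7] },
  { min: [4, 0, 0], maxExclusive: [4, 4, 7] },
];

// Parse "3.21.6", "v3.21.6" or "4.4.7-alpha.1" into [major, minor, patch].
// Assumption: a pre-release tag is ignored, so "4.4.7-rc.1" compares like
// 4.4.7. Tighten this if you need strict semver ordering.
function parseVersion(s) {
  const m = /^v?(\d+)\.(\d+)\.(\d+)/.exec(String(s).trim());
  if (!m) throw new Error(`unparseable version: ${s}`);
  return [Number(m[1]), Number(m[2]), Number(m[3])];
}

// Lexicographic compare of two [major, minor, patch] triples: -1, 0 or 1.
function compareVersions(a, b) {
  for (let i = 0; i < 3; i++) {
    if (a[i] !== b[i]) return a[i] < b[i] ? -1 : 1;
  }
  return 0;
}

// True when the version is inside any affected range (lower bound inclusive,
// upper bound exclusive, matching the ">= x, < y" notation of the advisory).
function isAffected(version) {
  const v = parseVersion(version);
  return AFFECTED_RANGES.some(
    (r) => compareVersions(v, r.min) >= 0 && compareVersions(v, r.maxExclusive) < 0
  );
}

// True when the bind address is loopback-only. Assumption: no --host value
// means Nuxt's default of localhost. 127.0.0.0/8 and ::1 are loopback;
// 0.0.0.0, ::, LAN IPs and hostnames are not.
function isLoopbackHost(host) {
  const h = String(host || 'localhost').trim().toLowerCase();
  return h === 'localhost' || h === '::1' || h === '[::1]' || /^127\.\d+\.\d+\.\d+$/.test(h);
}

// Combine both preconditions into a short verdict string.
function assess(version, host) {
  if (!isAffected(version)) return 'patched';
  return isLoopbackHost(host)
    ? 'affected version, but loopback-only (upgrade anyway)'
    : 'vulnerable: affected version exposed beyond loopback';
}

// Constructed sample inputs, not read from a real project.
if (typeof require !== 'undefined' && require.main === module) {
  for (const [v, h] of [['3.21.6', '0.0.0.0'], ['3.21.7', '0.0.0.0'], ['4.4.6', undefined]]) {
    console.log(`nuxt ${v} bound to ${h || '(default)'}: ${assess(v, h)}`);
  }
}

if (typeof module !== 'undefined') {
  module.exports = { parseVersion, compareVersions, isAffected, isLoopbackHost, assess };
}
```

Run it with the version string from your lockfile (for example the resolved version of nuxt or @nuxt/webpack-builder) and the host you pass to nuxt dev; any "vulnerable" verdict means both preconditions from the description hold and the upgrade to 3.21.7 or 4.4.7 should not wait.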
References
- Vendor advisory: https://github.com/nuxt/nuxt/security/advisories/GHSA-x6qj-4h56-5rj5
- Vendor advisory (original, incompletely fixed issue): https://github.com/nuxt/nuxt/security/advisories/GHSA-6m52-m754-pw2g
- Patch: https://github.com/nuxt/nuxt/pull/35200
- Patch: https://github.com/nuxt/nuxt/commit/77187ee4015e9267fb464951542a3e09e8b5fa05
- Patch: https://github.com/nuxt/nuxt/commit/e351de943e82db16970618b60dc7fdbaa58630f3