CVE-2025-24963 | vitest-dev vitest up to 2.1.8/3.0.3 __screenshot-error path traversal (GHSA-8gvc-j273-4wm5)

Inserito da Angelo Barbosa | Feb 4, 2025 | CVE

A vulnerability classified as problematic was found in vitest-dev vitest up to 2.1.8/3.0.3. This vulnerability affects the function __screenshot-error. The manipulation leads to path traversal.

This vulnerability was named CVE-2025-24963. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-24963 | vitest-dev vitest up to 2.1.8/3.0.3 __screenshot-error path traversal (GHSA-8gvc-j273-4wm5)

Post correlati

CVE-2024-45513 | Zimbra Collaboration Suite up to 10.1 Webmail /modern/contacts/print cross site scripting

CVE-2017-20191 | Zimbra zm-admin-ajax up to 8.8.1 Form Textbox Field Error XFormItem.js XFormItem.prototype.setError message cross site scripting

CVE-2024-47095 | Follet School Solutions Destiny up to 22.0.1 AU0 handleloginform.do handleloginform expiredSupportMessage cross site scripting

CVE-2024-50082 | Linux Kernel up to 5.10.227/5.15.168/6.1.113/6.6.57/6.11.4 blk-rq-qos rq_qos_wake_function memory corruption