CNNVD-202508-2604 Information
CNNVD ID
CNNVD-202508-2604
Related CVE
- CNNVD Published: 2025-08-21
Description (Chinese)
vite-plugin-static-copy是sapphi-red个人开发者的一个带有开发服务器支持的插件。 vite-plugin-static-copy 2.3.2之前版本和3.1.2之前版本存在安全漏洞,该漏洞源于特制请求可访问未包含在src中的文件。
Description (English)
The vite-plugin-static-copy is a plugin supported by the sapphi-red personal developer. There is a security loophole in the previous version of the vite-plugin-static-copy 2.3.2 and the previous version of the 3.1.2, which stems from the fact that special requests can be accessed for documents not contained in src.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
个人开发者
Published
2025-08-21
Last Modified
2026-02-24
References
https://github.com/sapphi-red/vite-plugin-static-copy/security/advisories/GHSA-pp7p-q8fx-2968 https://access.redhat.com/security/cve/cve-2025-57753 https://nvd.nist.gov/vuln/detail/CVE-2025-57753
Patch
https://github.com/sapphi-red/vite-plugin-static-copy/releases
Share on: