hao/websafe-kb
1
0
派生 0
代码 工单 合并请求 1 工作流 软件包 项目 发布 百科 活动

更新: 103 个文件 - 2026-03-18 19:24:37

浏览代码
这个提交包含在:
hao
2026-03-18 19:24:37 -07:00
父节点 8e13fcfbe0
当前提交 9b0d72b112
修改 103 个文件,包含 8985 行新增1381 行删除
下载 Patch 文件 下载 Diff 文件 展开所有文件 折叠所有文件

41
07-framework-security/frameworks/nuxt/INDEX.md
查看文件

@@ -5,14 +5,14 @@
- 系统 ID: `nuxt`
- 分类: `frameworks`
- 覆盖策略: `history-full`
- 总案例数: `0`
- 总案例数: `28`
- 近 30 天新增/更新: `0`
- 重点 Markdown 案例数: `0`
- 重点 Markdown 案例数: `5`
- 已实证(真实版本): `0`
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `0`
- 最近渲染时间: `2026-03-18T21:18:14+00:00`
- 待人工/缺浏览器证据: `28`
- 最近渲染时间: `2026-03-19T02:23:04+00:00`
## 目标约束
@@ -32,4 +32,35 @@
| 标题 | 严重度 | 案例状态 | 实证状态 | 实证方式 | 来源置信度 | 更新时间 | 案例页 |
|------|--------|----------|----------|----------|------------|----------|--------|
| No advisories yet | `n/a` | `empty` | `n/a` | `n/a` | `n/a` | `n/a` | - |
| Nuxt has Client-Side Path Traversal in Nuxt Island Payload Revival | `low` | `generated` | `triage-manual` | `synthetic` | `official` | `2025-09-18T13:04:21Z` | [link](/Users/x/websafe/07-framework-security/frameworks/nuxt/cases/nuxt-cve-2025-59414.md) |
| Nuxt allows DOS via cache poisoning with payload rendering response | `low` | `generated` | `triage-manual` | `synthetic` | `official` | `2025-03-20T19:31:04Z` | [link](/Users/x/websafe/07-framework-security/frameworks/nuxt/cases/nuxt-cve-2025-27415.md) |
| Nuxt vulnerable to remote code execution via the browser when running the test locally | `low` | `generated` | `triage-manual` | `synthetic` | `official` | `2024-11-18T16:27:00Z` | [link](/Users/x/websafe/07-framework-security/frameworks/nuxt/cases/nuxt-cve-2024-34344.md) |
| nuxt vulnerable to Cross-site Scripting in navigateTo if used after SSR | `low` | `generated` | `triage-manual` | `synthetic` | `official` | `2025-05-15T21:26:45Z` | [link](/Users/x/websafe/07-framework-security/frameworks/nuxt/cases/nuxt-cve-2024-34343.md) |
| nuxt Code Injection vulnerability | `low` | `generated` | `triage-manual` | `synthetic` | `official` | `2024-11-18T16:26:30Z` | [link](/Users/x/websafe/07-framework-security/frameworks/nuxt/cases/nuxt-cve-2023-3224.md) |
| Opening a malicious website while running a Nuxt dev server could allow read-only access to code | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |
| Policy | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |
| Actions | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |
| XSS in navigateTo if used after SSR | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |
| Remote code execution via the browser when running e2e tests locally | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |
| Discussions | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |
| Opening a malicious website while running a Nuxt dev server could allow read-only access to code | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |
| Skip to content | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |
| Path Traversal: '../filedir' in Nuxt Devtools | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |
| Issues
788 | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |
| Report a vulnerability | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |
| Sign in | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |
| Models | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |
| Security
7 | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |
| Client-Side Path Traversal in Nuxt Island Payload Revival | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |
| Pull requests
118 | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |
| nuxt | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |
| Projects | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |
| Insights | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |
| Sign up | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |
| nuxt | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |
| DOS via cache poisoning with payload rendering response | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |
| Star
59.9k | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `` | - |