Risk Scores
CVSS v3.1
4.800000190734863
CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
EPSS Score
0.02%
2.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| npm | vite | 5.2.0, 5.3.0, 5.4.0 |
| vitejs | vite | 0, 5.4.0, 5.3.0 |
| vitejs | vite | >= 5.4.0, < 5.4.6, < 3.2.11, >= 4.0.0, < 4.5.5 |
Timeline
- Jan 21, 1970 Security Advisory
- Sep 17, 2024 CVE Published
- Sep 17, 2024 PoC Published
- Sep 18, 2024 EPSS Score
- Sep 19, 2024 CVE Updated
- Oct 5, 2024 Coalition ESS Score
- Oct 7, 2024 EPSS Score
- Oct 26, 2024 EPSS Score
- Nov 14, 2024 EPSS Score
- Dec 4, 2024 EPSS Score
- Dec 23, 2024 EPSS Score
- Jan 11, 2025 EPSS Score
References
- https://github.com/vitejs/vite/security/advisories/GHSA-9cwx-2883-4wfx url
- https://github.com/vitejs/vite/commit/6820bb3b9a54334f3268fc5ee1e967d2e1c0db34 url
- https://nvd.nist.gov/vuln/detail/CVE-2024-45811 advisory
- https://github.com/vitejs/vite/commit/4573a6fd6f1b097fb7296a3e135e0646b996b249 url
- https://github.com/vitejs/vite/commit/8339d7408668686bae56eaccbfdc7b87612904bd url
- https://github.com/vitejs/vite/commit/a6da45082b6e73ddfdcdcc06bb5414f976a388d6 url
- https://github.com/vitejs/vite/commit/b901438f99e667f76662840826eec91c8ab3b3e7 url
- https://github.com/vitejs/vite package