CVE-2022-35204
published 2022-08-18CVE-2022-35204: Vitejs Vite before v2.9.13 was discovered to allow attackers to perform a directory traversal via a crafted URL to the victim's service.
PriorityP420medium4.3CVSS 3.1
AVNACLPRNUIRSUCLINAN
EPSS
1.08%
60.8th percentile
Vitejs Vite before v2.9.13 was discovered to allow attackers to perform a directory traversal via a crafted URL to the victim's service.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| vitejs | vite | < 2.9.13 | 2.9.13 |
| vitejs | vite | >= 0 < 2.9.13 | 2.9.13 |
| vitejs | vite | >= 3.0.0-alpha.0 < 3.0.0-beta.4 | 3.0.0-beta.4 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
Vite before v2.9.13 vulnerable to directory traversal via crafted URL to victim's service
ghsa·2022-08-19
CVE-2022-35204 [HIGH] CWE-22 Vite before v2.9.13 vulnerable to directory traversal via crafted URL to victim's service
Vite before v2.9.13 vulnerable to directory traversal via crafted URL to victim's service
Vite before v2.9.13 was discovered to allow attackers to perform a directory traversal via a crafted URL to the victim's service.
OSV
Vite before v2.9.13 vulnerable to directory traversal via crafted URL to victim's service
osv·2022-08-19
CVE-2022-35204 [HIGH] Vite before v2.9.13 vulnerable to directory traversal via crafted URL to victim's service
Vite before v2.9.13 vulnerable to directory traversal via crafted URL to victim's service
Vite before v2.9.13 was discovered to allow attackers to perform a directory traversal via a crafted URL to the victim's service.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://github.com/vitejs/vite/issues/8498https://github.com/vitejs/vite/releases/tag/v2.9.13https://github.com/vitejs/vite/releases/tag/v3.0.0-beta.4https://github.com/vitejs/vite/issues/8498https://github.com/vitejs/vite/releases/tag/v2.9.13https://github.com/vitejs/vite/releases/tag/v3.0.0-beta.4
2022-08-18
Published