📦 Vite

This vulnerability allows attackers to bypass Vite's server.fs.deny file access restrictions on case-insensitive file systems (like Windows) by using different letter casing in file paths. This enable...

This vulnerability allows unauthenticated attackers to bypass Vite's file system restrictions by using double forward-slashes (//) in URLs, potentially exposing sensitive files like .env and certifica...

This vulnerability in Vite allows attackers to bypass server.fs restrictions and access files outside the public directory when specific conditions are met. Only applications that expose the Vite dev ...

This vulnerability in Vite allows unauthorized access to HTML files on the server regardless of filesystem restrictions when the dev server is exposed to the network. It affects applications using Vit...

This vulnerability in Vite allows attackers to bypass file access restrictions and read sensitive files from the project root directory. Only affects Vite development servers explicitly exposed to the...

Vite development servers configured to expose content to the network can leak sensitive file contents through specific query parameters (?inline&import or ?raw?import). Only applications explicitly ex...

This CVE describes a path traversal vulnerability in Vite development servers where attackers can bypass file access restrictions by appending '?raw??' or '?import&raw??' to URLs. This allows reading ...