All 2 CVE vulnerabilities found in astro-shield, with AI-generated Chinese analysis, references, and POCs.
Vendor: KindSpells
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-30250 | In Astro-Shield, setting a correct `integrity` attribute to injected code allows to bypass the allow-lists CWE-345 | 7.5 | High | 2024-04-04 |
| CVE-2024-29896 | Astro-Shield's Content-Security-Policy header generation in middleware could be compromised by malicious injections CWE-74 | 7.5 | High | 2024-03-28 |
All 2 known CVE vulnerabilities affecting astro-shield with full Chinese analysis, references, and POCs where available.