Browse all 12 CVE security advisories affecting nuxt. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Nuxt is a Vue.js framework for building server-side rendered applications, commonly used for creating performant web experiences. Historically, it has been susceptible to cross-site scripting (XSS) and remote code execution (RCE) vulnerabilities, often through improper input handling or insecure template rendering. While no major public security incidents have been widely reported, the 12 documented CVEs highlight potential risks in areas like dependency management and configuration handling. Developers should implement strict input validation, keep dependencies updated, and follow secure coding practices to mitigate these risks, as the framework's complexity increases potential attack surfaces.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-0878 | Cross-site Scripting (XSS) - Generic in nuxt/framework — nuxt/frameworkCWE-79 | 6.1 | - | 2023-02-17 |
| CVE-2022-4413 | Cross-site Scripting (XSS) - Reflected in nuxt/framework — nuxt/frameworkCWE-79 | 6.1 | - | 2022-12-11 |
| CVE-2022-4414 | Cross-site Scripting (XSS) - DOM in nuxt/framework — nuxt/frameworkCWE-79 | 6.1 | - | 2022-12-11 |
This page lists every published CVE security advisory associated with nuxt. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.