漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Nuxt OG Image vulnerable to DoS via image generation
Vulnerability Description
Nuxt OG Image generates OG Images with Vue templates in Nuxt. Prior to version 6.2.5, the image‑generation component by the URI: /_og/d/ (and, in older versions, /og-image/) contains a Denial of Service (DoS) vulnerability. The issue arises because there is no restriction on the width and height parameters of the generated image. The vulnerability was reproduced using the standard configuration and the default templates. This issue has been patched in version 6.2.5.
CVSS Information
N/A
Vulnerability Type
未加控制的资源消耗(资源穷尽)
Vulnerability Title
nuxt-og-image 资源管理错误漏洞
Vulnerability Description
nuxt-og-image是Nuxt Modules开源的一个为Nuxt应用生成社交媒体预览图的工具。 nuxt-og-image 6.2.5之前版本存在资源管理错误漏洞,该漏洞源于图像生成组件对宽度和高度参数无限制,可能导致拒绝服务攻击。
CVSS Information
N/A
Vulnerability Type
N/A