How severe is CVE-2025-24361?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.3 out of 10.

What type of vulnerability is CVE-2025-24361?

This is classified as CWE-749, which is a common weakness in software security.

CVE-2025-24361

MEDIUM Year: 2025

CVSS v3 Score

5.3

Medium

Weakness Type

CWE-749

View all →

Vulnerability Description

Nuxt is an open-source web development framework for Vue.js. Source code may be stolen during dev when using version 3.0.0 through 3.15.12 of the webpack builder or version 3.12.2 through 3.152 of the rspack builder and a victim opens a malicious web site. Because the request for classic script by a script tag is not subject to same origin policy, an attacker can inject a malicious script in their site and run the script. By using `Function::toString` against the values in `window.webpackChunknuxt_app`, the attacker can get the source code. Version 3.15.13 of Nuxt patches this issue.

CVE-2010-0738

MEDIUM

CVSS:5.3(Medium)

The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for th...

CWE-7492010

CVE-2020-12912

MEDIUM

CVSS:5.5(Medium)

A potential vulnerability in the AMD extension to Linux "hwmon" service may allow an attacker to use the Linux-based Running Average Power Limit (RAPL) interface to show various side channel attacks. ...

CWE-7492020

CVE-2020-27123

MEDIUM

CVSS:5.5(Medium)

A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to read arbitrary files on the under...

CWE-7492020

CVE-2023-39495

MEDIUM

CVSS:5.5(Medium)

PDF-XChange Editor readFileIntoStream Exposed Dangerous Function Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installa...

CWE-7492023

CVE-2023-39505

MEDIUM

CVSS:5.5(Medium)

PDF-XChange Editor Net.HTTP.requests Exposed Dangerous Function Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installat...

CWE-7492023

CVE-2020-10268

MEDIUM

CVSS:6.1(Medium)

Critical services for operation can be terminated from windows task manager, bringing the manipulator to a halt. After this a Re-Calibration of the brakes needs to be performed. Be noted that this onl...

CWE-7492020

CVE-2025-24361

Vulnerability Description

Related Vulnerabilities

CVE-2010-0738

CVE-2020-12912

CVE-2020-27123

CVE-2023-39495

CVE-2023-39505

CVE-2020-10268