Platform: nodejs
Component: nuxt
Fixed in: 3.6.1, 4.0.1, 3.19.0
CVE-2025-59414 describes a client-side path traversal vulnerability discovered in Nuxt, a popular Vue.js framework. This flaw allows attackers to manipulate client-side requests, potentially gaining access to unintended endpoints within the same application domain. The vulnerability affects versions 3.18.0 and earlier, and a fix is available in Nuxt 3.19.0.
The path traversal vulnerability resides in Nuxt's Island payload revival mechanism. During prerendering, if an API endpoint returns user-controlled data containing a serialized __nuxt_island object, the vulnerability can be triggered. An attacker could craft malicious data to manipulate the client-side request path, allowing them to access files or resources outside of the intended scope. This could lead to information disclosure, unauthorized access to sensitive data, or even potential code execution depending on the application's configuration and the resources accessible through the traversal. The impact is primarily limited to the client-side and within the same application domain, reducing the overall blast radius.
This vulnerability is not currently listed on KEV or EPSS. The CVSS score of LOW indicates a relatively low probability of exploitation in the wild. Public proof-of-concept code is not yet available, but the vulnerability's nature suggests that it could be exploited relatively easily once a PoC is developed. The CVE was published on 2025-09-17.
Applications built with Nuxt 3.18.0 or earlier are at risk. This includes projects utilizing the Island architecture and relying on user-controlled data within API responses. Shared hosting environments where Nuxt applications are deployed alongside other applications could also be affected if the vulnerability is exploited to gain access to other resources.
• nodejs / server:
find /path/to/nuxt/app -name 'revive-payload.client.ts' -print
• nodejs / server:
grep -r '__nuxt_island' /path/to/nuxt/app
• generic web:
Inspect API responses for the presence of serialized __nuxt_island objects. Examine access logs for unusual file requests or patterns indicative of path traversal attempts.
EPSS: 0.05% (15th percentile)
The primary mitigation for CVE-2025-59414 is to upgrade to Nuxt version 3.19.0 or later, which includes the fix for this vulnerability. If upgrading immediately is not feasible, consider implementing stricter input validation on API endpoints that return serialized __nuxt_island objects to prevent the injection of malicious path components. Additionally, review and harden access controls to sensitive resources to limit the potential impact of a successful traversal. There are no specific WAF rules or detection signatures readily available, so proactive input validation is crucial.
Upgrade Nuxt to version 3.19.0 or later, or to version 4.1.0 or later. This fixes the path traversal vulnerability in the Nuxt Islands payload revival mechanism. The upgrade can be performed via npm or yarn.
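One way to apply the input validation and response inspection described above, as an added example (not Nuxt's or this page's own code): a Node.js helper that reports where __nuxt_island keys appear in data an API route is about to return, and produces a copy without them. The function names and the sample object, including its inner `key` field, are assumptions constructed for illustration.

```javascript
// Added example: detect and strip island markers in user-controlled API data.
// ISLAND_KEY is the marker named on this page; everything else is hypothetical.
const ISLAND_KEY = '__nuxt_island';
const MAX_DEPTH = 64; // refuse pathologically nested input instead of recursing forever

// Return the JSON path of every property named ISLAND_KEY, at any depth.
function findIslandMarkers(value, path = '$', depth = 0, hits = []) {
  if (depth > MAX_DEPTH) throw new RangeError(`nesting deeper than ${MAX_DEPTH} at ${path}`);
  if (Array.isArray(value)) {
    value.forEach((v, i) => findIslandMarkers(v, `${path}[${i}]`, depth + 1, hits));
  } else if (value !== null && typeof value === 'object') {
    for (const [k, v] of Object.entries(value)) {
      if (k === ISLAND_KEY) hits.push(`${path}.${k}`);
      findIslandMarkers(v, `${path}.${k}`, depth + 1, hits);
    }
  }
  return hits;
}

// Return a deep copy of the data with every ISLAND_KEY property removed.
// Object.fromEntries defines own properties, so a "__proto__" key in the
// input cannot alter the prototype of the copy.
function stripIslandMarkers(value, depth = 0) {
  if (depth > MAX_DEPTH) throw new RangeError(`nesting deeper than ${MAX_DEPTH}`);
  if (Array.isArray(value)) return value.map((v) => stripIslandMarkers(v, depth + 1));
  if (value === null || typeof value !== 'object') return value;
  return Object.fromEntries(
    Object.entries(value)
      .filter(([k]) => k !== ISLAND_KEY)
      .map(([k, v]) => [k, stripIslandMarkers(v, depth + 1)])
  );
}

// Constructed sample: a stored user record echoed back by an API route.
const sample = {
  id: 7,
  profile: { bio: 'hello', extra: { __nuxt_island: { key: 'constructed-value' } } },
  tags: ['a', { __nuxt_island: {} }],
};

console.log(findIslandMarkers(sample));
console.log(JSON.stringify(stripIslandMarkers(sample)));
```

Call `findIslandMarkers` where user input is stored to reject it early, and `stripIslandMarkers` just before a route returns data that will be prerendered.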
CVE-2025-59414 is a client-side path traversal vulnerability in Nuxt versions 3.18.0 and below, allowing attackers to access unauthorized endpoints.
If you are using Nuxt version 3.18.0 or earlier, you are potentially affected by this vulnerability.
Upgrade to Nuxt version 3.19.0 or later to remediate the vulnerability. Consider input validation as a temporary workaround.
There are currently no confirmed reports of active exploitation, but the vulnerability's nature suggests it could be exploited once a proof-of-concept is available.
Refer to the official Nuxt security advisory for detailed information and updates: [https://nuxt.com/security/CVE-2025-59414](https://nuxt.com/security/CVE-2025-59414)