Shazwazza/Smidge

Releases40

Frequency3 months 5 days

Last Release 9 months ago

Stars370

A lightweight runtime CSS/JavaScript file minification, combination, compression & management library for ASP.Net Core

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-11842 ↗	Oct 16, 2025Thursday, 16 October 2025, 16:15	6.3 MEDIUM	6.5 MEDIUM
A security vulnerability has been detected in Shazwazza Smidge up to 4.5.1. The impacted element is an unknown function of the component Bundle Handler. The manipulation of the argument Version leads to path traversal. Remote exploitation of the attack is possible. Upgrading to version 4.6.0 is sufficient to resolve this issue. It is recommended to upgrade the affected component.