2 matches found
CVE-2026-33532
yaml is a YAML parser and serialiser for JavaScript. Parsing a YAML document with a version of yaml on the 1.x branch prior to 1.10.3 or on the 2.x branch prior to 2.8.3 may throw a RangeError due to a stack overflow. The node resolution/composition phase uses recursive function calls without a...
SvelteKit 跨站脚本漏洞
SvelteKit is an open source web development framework from Svelte. A cross-site scripting vulnerability exists in SvelteKit versions prior to 2.8.3, which stems from the presence of unpurified input data and user-controllable data flow in a particular file, making it susceptible to cross-site...