4 matches found
@adhd/react-hooks (=2.2.1), @aklesky/vite-config (>=0.7.9 <=0.9.0) +184 more potentially affected by CVE-2023-49293 via vite (>=5.0.0 <=5.0.4)
vite NPM version =5.0.0, =0.7.9, =17.1.0, =0.5.0, =0.22.0, =1.0.1, =1.0.0, =0.9.0, =1.0.0-alpha.13, =1.0.0-alpha.1, =1.0.0-alpha.1, =1.0.0-alpha.1, =1.0.0-alpha.1, =4.20.4, =4.21.1 and more Source cves: CVE-2023-49293 Source advisory: OSV:GHSA-92R3-M2MG-PJ97...
@amitojsingh366/pioneer-react (>=0.0.3 <=0.0.4), @angular-devkit/build-angular (>=17.0.0 <=17.0.5) +51 more potentially affected by CVE-2023-49293 via vite (=4.5.0)
vite NPM version =4.5.0 is affected by a known vulnerability. The following packages have a transitive dependency on vite and may be impacted: - @amitojsingh366/pioneer-react =0.0.3, =17.0.0, =0.20.0, =1.0.0-rc.5, =0.5.4, =0.1.0, =17.0.0-next.11, =17.0.0-next.11, =0.0.0, =0.2.0, =11.11.0, =3.0.1,...
@angular-devkit/build-angular (>=17.0.0-next.7 <=17.0.0-next.9), @attq/blackboox (>=0.4.0 <=0.4.2) +31 more potentially affected by CVE-2023-49293 via vite (>=4.4.1 <=4.4.11)
vite NPM version =4.4.1, =17.0.0-next.7, =0.4.0, =1.0.0-rc.1, =1.0.0, =1.9.0, =17.0.0-next.8, =17.0.0-next.8, =0.0.9, =0.0.9, =0.0.9, =0.0.18 and more Source cves: CVE-2023-49293 Source advisory: OSV:GHSA-92R3-M2MG-PJ97...
CVE-2023-49293
Vite HTML transformation vulnerability (CVE-2023-49293) affects apps using appType: 'custom' with the default HTML middleware. When server.transformIndexHtml is invoked manually and the transformed HTML contains inline [removed], an unmodified request URL in the HTML being transformed can allow i...