4 matches found
CVE-2024-23641
CVE-2024-23641 affects SvelteKit 2 apps when handling HTTP GET/HEAD requests with a body (e.g., {})—these requests crash the preview/hosted app, including TRACE, causing DoS. The issue specifically impacts deployments using @sveltejs/adapter-node versions 2.1.2, 3.0.3, or 4.0.1 and @sveltejs/kit ...
CVE-2024-23641 Sending a GET or HEAD request with a body crashes SvelteKit
SvelteKit is a web development kit. In SvelteKit 2, sending a GET request with a body eg to a built and previewed/hosted sveltekit app throws Request with GET/HEAD method cannot have body. and crashes the preview/hosting. After this happens, one must manually restart the app. TRACE requests will...
CVE-2024-23641 Sending a GET or HEAD request with a body crashes SvelteKit
SvelteKit is a web development kit. In SvelteKit 2, sending a GET request with a body eg to a built and previewed/hosted sveltekit app throws Request with GET/HEAD method cannot have body. and crashes the preview/hosting. After this happens, one must manually restart the app. TRACE requests will...
@alexaegis/svelte-config (>=0.9.2 <=0.14.1), @builders-of-stuff/svelte-sui-wallet-adapter (>=1.1.4 <=2.1.0) +8 more potentially affected by CVE-2024-23641 via @sveltejs/kit (>=2.0.0 <=2.49.5)
@sveltejs/kit NPM version =2.0.0, =0.9.2, =1.1.4, =0.0.137, =0.4.1, =5.0.0-alpha.1, =0.0.1, =1.0.1-next.0, =1.0.2, =0.0.1, =1.3.0, =1.12.3 Source cves: CVE-2024-23641 Source advisory: OSV:GHSA-G5M6-HXPP-FC49...