6 matches found
CVE-2024-45812
A DOM clobbering vulnerability was found in ViteJS. This may lead to cross-site scripting XSS attacks on websites that include Vite-bundled files configured with an output format of cjs, iife, or umd, and allow users to inject certain scriptless HTML tags without properly sanitizing the name or i...
CVE-2024-45812 vulnerabilities
Vulnerabilities for packages: vite...
@angular/build (>=18.1.0 <=18.2.0-rc.0), @bebasebuild/basebuild (>=2.0.0-beta.3 <=3.0.0-alpha.1) +40 more potentially affected by CVE-2024-45812 via vite (>=5.3.0 <=5.3.5)
vite NPM version =5.3.0, =18.1.0, =2.0.0-beta.3, =0.44.0, =5.0.0-alpha.11, =1.0.1, =11.17.8, =0.0.1, =14.190.0, =0.0.1719809477737, =8.1.1, =0.0.1, =1.0.0, =1.0.2 and more Source cves: CVE-2024-45812 Source advisory: OSV:GHSA-64VR-G452-QVP3...
1food-menu (=0.3.8), 2473-alex-ui (>=0.0.1 <=0.0.4-alpha.3) +4791 more potentially affected by CVE-2024-45812 via vite (>=5.4.0 <=5.4.5)
vite NPM version =5.4.0, =0.0.1, =0.0.1, =1.1.2, =0.1.1, =0.1.0, =5.0.0, =0.0.1-alpha.10, =0.0.4-alpha.5, =0.0.11, =0.0.5, =0.0.1, =1.0.0, =1.0.0, =1.1.1 and more Source cves: CVE-2024-45812 Source advisory: OSV:GHSA-64VR-G452-QVP3...
@adhd/react-hooks (=2.2.1), @aklesky/vite-config (>=0.7.9 <=0.9.0) +252 more potentially affected by CVE-2024-45812 via vite (>=5.0.0 <=5.1.7)
vite NPM version =5.0.0, =0.7.9, =17.1.0, =1.0.25-beta.0, =0.5.0, =2.0.0-beta.0, =0.22.0, =1.0.1, =1.0.0, =1.0.0, =0.9.0, =1.0.0-alpha.13, =1.0.0-alpha.1, =1.0.0-alpha.1, =1.0.0-alpha.4 and more Source cves: CVE-2024-45812 Source advisory: OSV:GHSA-64VR-G452-QVP3...
128981semzub (=1.0.1), 1food-menu (>=0.3.0 <=0.3.7) +3131 more potentially affected by CVE-2024-45812 via vite (>=4.0.0 <=4.5.3)
vite NPM version =4.0.0, =0.3.0, =1.0.0, =2.0.3, =0.0.1, =0.0.1, =0.0.7, =4.0.61, =4.0.61, =4.0.61, =4.0.61, =0.0.1, =0.0.3 and more Source cves: CVE-2024-45812 Source advisory: OSV:GHSA-64VR-G452-QVP3...