4 matches found
CVE-2026-6402 vulnerabilities
Vulnerabilities for packages: argo-workflows...
Linux Distros Unpatched Vulnerability : CVE-2026-6402
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - webpack-dev-server versions up to and including 5.2.3 are vulnerable to cross-origin source code exposure when serving over a non-potentially trustworthy origin...
CVE-2026-6402
creationtimestamp| type| source ---|---|--- 2026-05-12 07:53:37+00:00| seen| https://bsky.app/profile/ulisesgascon.com/post/3mlncojczic27 2026-05-18 14:40:50+00:00| seen| https://gist.github.com/alon710/6c307c7259353f2c5a97793055cbda6e...
CVE-2026-6402 webpack-dev-server vulnerable to cross-origin source code exposure on non-HTTPS origins
webpack-dev-server versions up to and including 5.2.3 are vulnerable to cross-origin source code exposure when serving over a non-potentially trustworthy origin such as plain HTTP. The previous fix relied on the Sec-Fetch-Mode and Sec-Fetch-Site request headers, which browsers omit for...