4 matches found
@4399ywkf/router (>=0.0.1 <=0.0.4), @aws/nx-plugin (>=0.44.0 <=0.59.0) +122 more potentially affected by CVE-2026-23869 via @modern-js/utils (>=2.65.2 <=2.70.4)
@modern-js/utils NPM version =2.65.2, =0.0.1, =0.44.0, =2.23.0, =0.3.53, =0.0.0-beta.1, =1.0.1, =0.1.0-next.717, =2.6.0, =2.70.4 - @modern-js/babel-preset-app =2.6.0 - @modern-js/babel-preset-base =2.6.0 and more Source cves: CVE-2026-23869 Source advisory: SNYK:JS-MODERNJSUTILS-15954203...
@4399ywkf/router (>=0.0.1 <=0.0.4), @aws/nx-plugin (>=0.44.0 <=0.59.0) +89 more potentially affected by CVE-2025-55183 +1 more via @modern-js/utils (>=2.65.2 <=2.69.2)
@modern-js/utils NPM version =2.65.2, =0.0.1, =0.44.0, =2.23.0, =0.3.53, =1.0.1, =0.1.0-next.717, =2.65.2, =2.65.2, =2.65.2, =2.65.2, =2.65.2, =3.7.20, =3.7.60 and more Source cves: CVE-2025-55183, CVE-2025-55184 Source advisory: SNYK:JS-MODERNJSUTILS-15120606...
Deserialization of Untrusted Data
Overview @modern-js/utils is a progressive web framework based on React. Affected versions of this package are vulnerable to Deserialization of Untrusted Data due to unsafe deserialization of payloads from HTTP requests to Server Function endpoints. An attacker can cause the server process to ent...
@4399ywkf/router (>=0.0.1 <=0.0.4), @aws/nx-plugin (>=0.44.0 <=0.59.0) +89 more potentially affected by CVE-2025-55182 via @modern-js/utils (>=2.65.2 <=2.69.2)
@modern-js/utils NPM version =2.65.2, =0.0.1, =0.44.0, =2.23.0, =0.3.53, =1.0.1, =0.1.0-next.717, =2.65.2, =2.65.2, =2.65.2, =2.65.2, =2.65.2, =3.7.20, =3.7.60 and more Source cves: CVE-2025-55182 Source advisory: SNYK:JS-MODERNJSUTILS-14723360...