Lucene search
K

4919 matches found

Snyk
Snyk
added 2025/12/11 10:36 p.m.12 views

Deserialization of Untrusted Data

Overview react-server-dom-turbopack is a React Server Components bindings for DOM using Turbopack. This is intended to be integrated into meta-frameworks. It is not intended to be imported directly. Affected versions of this package are vulnerable to Deserialization of Untrusted Data due to unsaf...

8.7CVSS6.7AI score0.65592EPSS
Exploits13References2
vulnersOsv
vulnersOsv
added 2025/12/11 10:36 p.m.8 views

@amazeelabs/bridge-waku (>=1.1.9 <=2.0.1), @amazeelabs/executors (>=3.1.12 <=3.1.14) +20 more potentially affected by CVE-2025-55184 via react-server-dom-webpack (>=19.0.0 <=19.0.1)

react-server-dom-webpack NPM version =19.0.0, =1.1.9, =3.1.12, =1.4.7, =1.1.3, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859,...

7.5CVSS7.3AI score0.65592EPSS
Exploits10
EUVD
EUVD
added 2025/12/11 10:36 p.m.8 views

EUVD-2025-202877

Denial of Service Vulnerability in React Server Components...

7.5CVSS6.3AI score0.65592EPSS
Exploits10References4
Github Security Blog
Github Security Blog
added 2025/12/11 10:36 p.m.12 views

Denial of Service Vulnerability in React Server Components

Impact There is a denial of service vulnerability in React Server Components. React recommends updating immediately. The vulnerability exists in versions 19.0.0, 19.0.1 19.1.0, 19.1.1, 19.1.2, 19.2.0 and 19.2.1 of: - react-server-dom-webpack - react-server-dom-parcel - react-server-dom-turbopack...

7.5CVSS7AI score0.65592EPSS
Exploits10References5Affected Software3
vulnersOsv
vulnersOsv
added 2025/12/11 10:36 p.m.8 views

@cedarjs/api-server (>=1.0.0-canary.12863 <=1.0.0-canary.12878), @cedarjs/cli (>=1.0.0-canary.12863 <=2.0.3-next.1) +10 more potentially affected by CVE-2025-55184 via react-server-dom-webpack (=19.2.1)

react-server-dom-webpack NPM version =19.2.1 is affected by a known vulnerability. The following packages have a transitive dependency on react-server-dom-webpack and may be impacted: - @cedarjs/api-server =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863,...

7.5CVSS7.3AI score0.65592EPSS
Exploits10
vulnersOsv
vulnersOsv
added 2025/12/11 10:36 p.m.7 views

@amazeelabs/bridge-waku (>=1.1.9 <=2.0.1), @amazeelabs/executors (>=3.1.12 <=3.1.14) +20 more potentially affected by CVE-2025-55183 +1 more via react-server-dom-webpack (>=19.0.0 <=19.0.1)

react-server-dom-webpack NPM version =19.0.0, =1.1.9, =3.1.12, =1.4.7, =1.1.3, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859,...

7.5CVSS7AI score0.65592EPSS
Exploits13
OSV
OSV
added 2025/12/11 10:36 p.m.3 views

GHSA-2M3V-V2M8-Q956 Denial of Service Vulnerability in React Server Components

Impact There is a denial of service vulnerability in React Server Components. React recommends updating immediately. The vulnerability exists in versions 19.0.0, 19.0.1 19.1.0, 19.1.1, 19.1.2, 19.2.0 and 19.2.1 of: - react-server-dom-webpack - react-server-dom-parcel - react-server-dom-turbopack...

7.5CVSS6AI score0.65592EPSS
Exploits10References5
EUVD
EUVD
added 2025/12/11 10:36 p.m.8 views

EUVD-2025-202879

Source Code Exposure Vulnerability in React Server Components...

5.3CVSS6.4AI score0.62405EPSS
Exploits7References4
vulnersOsv
vulnersOsv
added 2025/12/11 10:36 p.m.7 views

@amazeelabs/bridge-waku (>=1.1.9 <=2.0.1), @amazeelabs/executors (>=3.1.12 <=3.1.14) +20 more potentially affected by CVE-2025-55183 via react-server-dom-webpack (>=19.0.0 <=19.0.1)

react-server-dom-webpack NPM version =19.0.0, =1.1.9, =3.1.12, =1.4.7, =1.1.3, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859,...

5.3CVSS6.9AI score0.62405EPSS
Exploits7
vulnersOsv
vulnersOsv
added 2025/12/11 10:36 p.m.7 views

@cedarjs/api-server (>=1.0.0-canary.12863 <=1.0.0-canary.12878), @cedarjs/cli (>=1.0.0-canary.12863 <=2.0.3-next.1) +10 more potentially affected by CVE-2025-55183 via react-server-dom-webpack (=19.2.1)

react-server-dom-webpack NPM version =19.2.1 is affected by a known vulnerability. The following packages have a transitive dependency on react-server-dom-webpack and may be impacted: - @cedarjs/api-server =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863,...

5.3CVSS6.9AI score0.62405EPSS
Exploits7
Github Security Blog
Github Security Blog
added 2025/12/11 10:36 p.m.13 views

Source Code Exposure Vulnerability in React Server Components

Impact There is a source code exposure vulnerability in React Server Components. React recommends updating immediately. The vulnerability exists in versions 19.0.0, 19.0.1 19.1.0, 19.1.1, 19.1.2, 19.2.0 and 19.2.1 of: - react-server-dom-webpack - react-server-dom-parcel - react-server-dom-turbopa...

5.3CVSS7AI score0.62405EPSS
Exploits7References5Affected Software3
OSV
OSV
added 2025/12/11 10:36 p.m.2 views

GHSA-925W-6V3X-G4J4 Source Code Exposure Vulnerability in React Server Components

Impact There is a source code exposure vulnerability in React Server Components. React recommends updating immediately. The vulnerability exists in versions 19.0.0, 19.0.1 19.1.0, 19.1.1, 19.1.2, 19.2.0 and 19.2.1 of: - react-server-dom-webpack - react-server-dom-parcel - react-server-dom-turbopa...

5.3CVSS6.5AI score0.62405EPSS
Exploits7References5
F5 Networks
F5 Networks
added 2025/12/11 10:31 p.m.15 views

K000158155: React framework vulnerability CVE-2025-55183

Security Advisory Description An information leak vulnerability exists in specific configurations of React Server Components versions 19.0.0, 19.0.1 19.1.0, 19.1.1, 19.1.2, 19.2.0 and 19.2.1, including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and...

5.3CVSS5.8AI score0.62405EPSS
Exploits7
GithubExploit
GithubExploit
added 2025/12/11 10:5 p.m.149 views

Exploit for Deserialization of Untrusted Data in Facebook React

react2shellburp CVE-2025-55182 Burp Suite extension for ide...

10CVSS7AI score0.99562EPSS
Exploits372
GithubExploit
GithubExploit
added 2025/12/11 10:1 p.m.164 views

Exploit for Deserialization of Untrusted Data in Facebook React

🚀 R2S - Next.js RSC Exploit Framework !Versionhttps://im...

10CVSS8AI score0.99562EPSS
Exploits372
F5 Networks
F5 Networks
added 2025/12/11 9:53 p.m.17 views

K000158154: React framework vulnerability CVE-2025-55184

Security Advisory Description A pre-authentication denial of service vulnerability exists in React Server Components versions 19.0.0, 19.0.1 19.1.0, 19.1.1, 19.1.2, 19.2.0 and 19.2.1, including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and...

7.5CVSS5.8AI score0.65592EPSS
Exploits10
Snyk
Snyk
added 2025/12/11 8:43 p.m.6 views

Exposure of Sensitive System Information to an Unauthorized Control Sphere

Overview react-server-dom-parcel is a React Server Components bindings for DOM using Parcel. This is intended to be integrated into meta-frameworks. It is not intended to be imported directly. Affected versions of this package are vulnerable to Exposure of Sensitive System Information to an...

7.5CVSS7AI score0.65592EPSS
Exploits13References2
Snyk
Snyk
added 2025/12/11 8:43 p.m.8 views

Exposure of Sensitive System Information to an Unauthorized Control Sphere

Overview @vitejs/plugin-rsc is a React Server Components RSC support for Vite. Affected versions of this package are vulnerable to Exposure of Sensitive System Information to an Unauthorized Control Sphere. An attacker can access the source code of any Server Function by sending a malicious HTTP...

7.5CVSS7AI score0.65592EPSS
Exploits13References2
Snyk
Snyk
added 2025/12/11 8:43 p.m.11 views

Exposure of Sensitive System Information to an Unauthorized Control Sphere

Overview next is a react framework. Affected versions of this package are vulnerable to Exposure of Sensitive System Information to an Unauthorized Control Sphere. An attacker can access the source code of any Server Function by sending a malicious HTTP request to a vulnerable Server Function...

7.5CVSS7AI score0.65592EPSS
Exploits13References2
Snyk
Snyk
added 2025/12/11 8:43 p.m.8 views

Exposure of Sensitive System Information to an Unauthorized Control Sphere

Overview react-server-dom-webpack is a React Server Components bindings for DOM using Webpack. This is intended to be integrated into meta-frameworks. It is not intended to be imported directly. Affected versions of this package are vulnerable to Exposure of Sensitive System Information to an...

7.5CVSS7AI score0.65592EPSS
Exploits13References2
Rows per page
Query Builder