org.webjars.npm:vite@3.2.5 vulnerabilities
-
latest version
5.4.9
-
latest non vulnerable version
-
first published
3 years ago
-
latest version published
a month ago
-
licenses detected
- [2.9.0,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the org.webjars.npm:vite package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
org.webjars.npm:vite is a Native-ESM powered web dev build tool Affected versions of this package are vulnerable to Information Exposure when using How to fix Information Exposure? Upgrade |
[,5.4.9)
|
org.webjars.npm:vite is a Native-ESM powered web dev build tool Affected versions of this package are vulnerable to Cross-site Scripting (XSS) through the How to fix Cross-site Scripting (XSS)? Upgrade |
[,5.4.9)
|
org.webjars.npm:vite is a Native-ESM powered web dev build tool Affected versions of this package are vulnerable to Improper Access Control due to improper request handling through Note: Only apps setting a custom How to fix Improper Access Control? Upgrade |
[,5.4.9)
|
org.webjars.npm:vite is a Native-ESM powered web dev build tool Affected versions of this package are vulnerable to Access Control Bypass via the How to fix Access Control Bypass? Upgrade |
[,5.4.9)
|
org.webjars.npm:vite is a Native-ESM powered web dev build tool Affected versions of this package are vulnerable to Path Equivalence such that Server Options ( Note: Only users explicitly exposing the Vite dev server to the network (using How to fix Path Equivalence? Upgrade |
[,5.4.9)
|