@builder.io/qwik@1.7.0-dev20240711122353 vulnerabilities
An Open-Source sub-framework designed with a focus on server-side-rendering, lazy-loading, and styling/animation.
-
latest version
1.10.0
-
latest non vulnerable version
-
first published
3 years ago
-
latest version published
11 days ago
-
licenses detected
- >=0
Direct Vulnerabilities
Known vulnerabilities in the @builder.io/qwik package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
@builder.io/qwik is an An Open-Source sub-framework designed with a focus on server-side-rendering, lazy-loading, and styling/animation. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to improper HTML escaping in the server-side rendering process. An attacker can manipulate the DOM by injecting malicious scripts through crafted input that bypasses the escaping rules. How to fix Cross-site Scripting (XSS)? Upgrade |
<1.7.3
|