react@0.5.0 vulnerabilities
React is a JavaScript library for building user interfaces.
-
latest version
18.3.1
-
latest non vulnerable version
-
first published
13 years ago
-
latest version published
8 days ago
-
licenses detected
- >=0.0.0-375616788 <0.8.0; >=15.6.2 <16.0.0-alpha; >=16.0.0
Direct Vulnerabilities
Known vulnerabilities in the react package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
Affected versions of the package are vulnerable to Cross-site Scripting (XSS) due to the How to fix Cross-site Scripting (XSS)? Upgrade |
>=0.0.1 <0.14.0
|
Affected versions of the package contain Cross-site Scripting (XSS) vulnerability due to unescaped text before inserted into the DOM. A Cross-site Scripting (XSS) vulnerability can arise when using user data as a How to fix Cross-site Scripting (XSS)? This vulnerability only affects v0.5.x and v0.4.x. Versions in the 0.3.x family are unaffected.
Upgrade |
>=0.5.0 <0.5.2
>=0.4.0 <0.4.2
|