6.0.3
4 years ago
9 days ago
Known vulnerabilities in the vite package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for freeVulnerability | Vulnerable Version |
---|---|
vite is a Native-ESM powered web dev build tool Affected versions of this package are vulnerable to Information Exposure when using How to fix Information Exposure? Upgrade | <3.2.11>=4.0.0 <4.5.5>=5.0.0 <5.2.14>=5.3.0 <5.3.6>=5.4.0 <5.4.6 |
vite is a Native-ESM powered web dev build tool Affected versions of this package are vulnerable to Cross-site Scripting (XSS) through the How to fix Cross-site Scripting (XSS)? Upgrade | <3.2.11>=4.0.0 <4.5.5>=5.0.0 <5.2.14>=5.3.0 <5.3.6>=5.4.0 <5.4.6 |
vite is a Native-ESM powered web dev build tool Affected versions of this package are vulnerable to Improper Access Control due to improper request handling through Note: Only apps setting a custom How to fix Improper Access Control? Upgrade | >=2.7.0 <2.9.18>=3.0.0 <3.2.10>=4.0.0 <4.5.3>=5.0.0 <5.0.13>=5.1.0 <5.1.7>=5.2.0 <5.2.6 |
vite is a Native-ESM powered web dev build tool Affected versions of this package are vulnerable to Access Control Bypass via the How to fix Access Control Bypass? Upgrade | >=2.7.0 <2.9.17>=3.0.0 <3.2.8>=4.0.0 <4.5.2>=5.0.0 <5.0.12 |
vite is a Native-ESM powered web dev build tool Affected versions of this package are vulnerable to Path Equivalence such that Server Options ( Note: Only users explicitly exposing the Vite dev server to the network (using How to fix Path Equivalence? Upgrade | <2.9.16>=3.0.0 <3.2.7>=4.0.0 <4.0.5>=4.1.0 <4.1.5>=4.2.0 <4.2.3>=4.3.0 <4.3.9 |