You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Cross-realm object access in Webpack 5 with CVSS score 7.6. fixed version: 5.76.0
About this package:
External dependency: webpack - https://www.npmjs.com/package/webpack
Package details: Packs CommonJs/AMD modules for the browser. Allows to split your codebase into multiple bundles, which can be loaded on demand. Support loaders to preprocess files, i.e. json, jsx, es7, css, less, ... and your custom stuff.
Latest version: 5.75.0
License: MIT
Insights:
Adequately tested - Testing practices are thoroughly followed
Backed by foundation - This package is backed by a respected OSS foundation and adheres to its maintenance standards
Frequent commits - New code commits are frequently being pushed
Current CVE - A CVE on this package has not been fixed by an official release/patch
Popularity - This widely used package is popular
Not fixable - This package includes a CVE that has not been fixed by an official release or patch
Known exploit - This package has 1 Known Exploitable Vulnerabilities.
Source: CISA.gov
Has Vulnerabilities - Has Vulnerabilities
Public Repository - This is a repository accessible by the general public
This is a sub-dependency
In order to update its version, you may need to upgrade the following top-level dependencies:
Discovered on: Jul 19, 2023 12:43
Dependency: webpack
Version: 5.75.0
Type: Sub dependency
Introduced through: @docusaurus/core, @docusaurus/module-type-aliases, @docusaurus/preset-classic
Vulnerabilities
About this package:
External dependency: webpack - https://www.npmjs.com/package/webpack
Package details: Packs CommonJs/AMD modules for the browser. Allows to split your codebase into multiple bundles, which can be loaded on demand. Support loaders to preprocess files, i.e. json, jsx, es7, css, less, ... and your custom stuff.
Latest version: 5.75.0
License: MIT
Insights:
Source: CISA.gov
This is a sub-dependency
In order to update its version, you may need to upgrade the following top-level dependencies:
View in Apiiro
The text was updated successfully, but these errors were encountered: