Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-25875 | 1 Svelte | 1 Svelte | 2022-07-19 | 4.3 MEDIUM | 6.1 MEDIUM |
| The package svelte before 3.49.0 are vulnerable to Cross-site Scripting (XSS) due to improper input sanitization and to improper escape of attributes when using objects during SSR (Server-Side Rendering). Exploiting this vulnerability is possible via objects with a custom toString() function. | |||||
| CVE-2021-29261 | 1 Svelte | 1 Svelte | 2021-04-08 | 6.8 MEDIUM | 7.8 HIGH |
| The unofficial Svelte extension before 104.8.0 for Visual Studio Code allows attackers to execute arbitrary code via a crafted workspace configuration. | |||||