Описание
Vite Plugin React has a Source Code Exposure Vulnerability in React Server Components
Impact
@vitejs/plugin-rsc vendors react-server-dom-webpack, which contained a vulnerability in versions prior to 19.2.3. See details in React repository's advisory https://github.com/facebook/react/security/advisories/GHSA-925w-6v3x-g4j4
Patches
Upgrade immediately to @vitejs/plugin-rsc@0.5.7 or later.
Пакеты
Наименование
@vitejs/plugin-rsc
npm
Затронутые версииВерсия исправления
<= 0.5.6
0.5.7
5.3 Medium
CVSS3
Дефекты
CWE-1395
CWE-497
CWE-502
5.3 Medium
CVSS3
Дефекты
CWE-1395
CWE-497
CWE-502