Количество 2
Количество 2
CVE-2024-24558
TanStack Query supplies asynchronous state management, server-state utilities and data fetching for the web. The `@tanstack/react-query-next-experimental` NPM package is vulnerable to a cross-site scripting vulnerability. To exploit this, an attacker would need to either inject malicious input or arrange to have malicious input be returned from an endpoint. To fix this issue, please update to version 5.18.0 or later.
GHSA-997g-27x8-43rf
react-query-streamed-hydration Cross-site Scripting vulnerability
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-24558 TanStack Query supplies asynchronous state management, server-state utilities and data fetching for the web. The `@tanstack/react-query-next-experimental` NPM package is vulnerable to a cross-site scripting vulnerability. To exploit this, an attacker would need to either inject malicious input or arrange to have malicious input be returned from an endpoint. To fix this issue, please update to version 5.18.0 or later. | CVSS3: 8.2 | 0% Низкий | около 2 лет назад |
| GHSA-997g-27x8-43rf react-query-streamed-hydration Cross-site Scripting vulnerability | CVSS3: 8.2 | 0% Низкий | около 2 лет назад |
Уязвимостей на страницу