Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1
CVE-2024-43788
- EPSS 0.63%
- Published 27.08.2024 17:15:07
- Last modified 03.09.2024 15:15:15
Webpack is a module bundler. Its main purpose is to bundle JavaScript files for usage in a browser, yet it is also capable of transforming, bundling, or packaging just about any resource or asset. The webpack developers have discovered a DOM Clobberi...
9.8
CVE-2023-28154
- EPSS 1.65%
- Published 13.03.2023 01:15:10
- Last modified 27.02.2025 20:15:37
Webpack 5 before 5.76.0 does not avoid cross-realm object access. ImportParserPlugin.js mishandles the magic comment feature. An attacker who controls a property of an untrusted object can obtain access to the real global object.
1