Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5
CVE-2025-56648
- EPSS 0.01%
- Veröffentlicht 17.09.2025 19:15:46
- Zuletzt bearbeitet 26.01.2026 17:16:11
npm parcel 2.0.0-alpha and before has an Origin Validation Error vulnerability. Malicious websites can send XMLHTTPRequests to the application's development server and read the response to steal source code when developers visit them.
7.5
CVE-2018-14731
- EPSS 0.17%
- Veröffentlicht 21.09.2018 17:29:05
- Zuletzt bearbeitet 21.11.2024 03:49:41
An issue was discovered in HMRServer.js in Parcel parcel-bundler. Attackers are able to steal developer's code because the origin of requests is not checked by the WebSocket server, which is used for HMR (Hot Module Replacement). Anyone can receive t...
1