Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Browse Security Advisories

Security Advisories for @sveltejs/kit in npm Clear Filters

Moderate
5 months ago

@sveltejs/kit vulnerable to Cross-site Scripting via tracked search_params GSA_kwCzR0hTQS02cTg3LTg0anctY2pocM4ABGwR

npm @sveltejs/kit
Low
10 months ago

@sveltejs/kit vulnerable to XSS on dev mode 404 page GSA_kwCzR0hTQS1yamp2LTg3bXgtNngzaM4ABBvG

npm @sveltejs/kit
Low
10 months ago

@sveltejs/kit has unescaped error message included on error page GSA_kwCzR0hTQS1taDJ4LWZjcWgtZm1xds4ABBvF

npm @sveltejs/kit
High
over 1 year ago

Sending a GET or HEAD request with a body crashes SvelteKit GSA_kwCzR0hTQS1nNW02LWh4cHAtZmM0Oc4AA4qX

npm @sveltejs/adapter-node, @sveltejs/kit
High
over 2 years ago

SvelteKit framework has Insufficient CSRF protection for CORS requests GSA_kwCzR0hTQS1ndjdnLXg1OXgtd2Y4Zs4AAyoO

npm @sveltejs/kit
High
over 2 years ago

SvelteKit vulnerable to Cross-Site Request Forgery GSA_kwCzR0hTQS01cDc1LXZjNWctOHJ2Ms4AAyiw

npm @sveltejs/kit

Filter by Severity

Moderate 10,385 High 8,199 Critical 3,366 Low 1,511

Filter by Ecosystem

maven 6,902 packagist 5,423 pypi 4,949 npm 4,327 go 2,948 nuget 1,881 cargo 1,091 rubygems 928 hex 38 actions 37 swift 36 pub 10

Filter by Package

directus 39 parse-server 33 next 29 electron 29 flowise 24 @openzeppelin/contracts-upgradeable 22 @openzeppelin/contracts 21 sequelize 16 ghost 16 tinymce 16 undici 15 vite 15 ckeditor4 15 joplin 14 nodebb 14 angular 14 swagger-ui 14 strapi 13 matrix-js-sdk 12 marked 12 vm2 12 nocodb 11 handlebars 11 bootstrap 11 tinymce/tinymce 11 TinyMCE 11 n8n 10 serve 9 matrix-react-sdk 9 @evershop/evershop 9 matrix-appservice-irc 9 uptime-kuma 9 systeminformation 9 next-auth 9 @strapi/strapi 9 @directus/api 8 jquery 8 elliptic 8 url-parse 8 editor.md 8 validator 8 @haxtheweb/haxcms-nodejs 8 bootstrap 8 jquery-rails 8 sanitize-html 8 twbs/bootstrap 8 org.webjars:bootstrap 8 bootstrap 8 npm 8 express-cart 8 jsrsasign 8 dompurify 8 urijs 8 node-forge 8 steal 8 org.webjars.npm:jquery 8 shescape 8 tar 8 jquery-ui 7 total.js 7 jQuery 7 axios 7 jQuery.UI.Combined 7 hapi 7 vega 7 mongoose 7 lodash-rails 7 org.webjars.npm:jquery-ui 7 jquery-ui-rails 7 mermaid 7 snyk-broker 7 lodash 7 @anthropic-ai/claude-code 7 hermes-engine 7 parse-url 6 mattermost-desktop 6 hono 6 prismjs 6 @strapi/plugin-users-permissions 6 bootstrap-sass 6 @sveltejs/kit 6 safe-eval 6 @lobehub/chat 6 openpgp 6 aaptjs 6 bootstrap-sass 6 rsshub 6 bootstrap.sass 6 tarteaucitronjs 6 froala-editor 5 @saltcorn/server 5 keystone 5 public 5 katex 5 lodash-es 5 trix 5 better-auth 5 yarn 5 astro 5 ws 5 dojo 5 total4 5 ejs 5 rendertron 5 @backstage/plugin-scaffolder-backend 5 mysql2 5 xlsx 5 ua-parser-js 5 express 5 sweetalert2 5 jspdf 5 aws-cdk-lib 5 vditor 5 fastify 5 @keystone-6/core 5 passport-wsfed-saml2 5 nuxt 5 materialize-css 4 jsonwebtoken 4 generator-jhipster 4 auth0-js 4 moment 4 apollo-server-core 4 jquery-validation 4 engine.io 4 @finos/git-proxy 4 safer-eval 4 mongosh 4 erxes 4 @intlify/vue-i18n-core 4 hummus 4 mongo-express 4 meshcentral 4 multer 4 follow-redirects 4 apostrophe 4 realms-shim 4 fast-xml-parser 4 glance 4 vega-functions 4 software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk 4 petite-vue-i18n 4 awsiotsdk 4 pnpm 4 aws-iot-device-sdk-v2 4 snyk 4 @auth0/nextjs-auth0 4 remarkable 4 payload 4 yui 4 @apollo/gateway 4 valine 4 muhammara 4 simple-git 4 @node-saml/node-saml 4 ecstatic 4 simple-markdown 4 xml-crypto 4 auth0-lock 4 vue-i18n 4 ses 4 code-server 4 qs 4 convert-svg-core 4 renovate 3 wrangler 3 blamer 3 libxmljs 3 passport-saml 3 jointjs 3 send 3 @cubejs-backend/api-gateway 3 @strapi/plugin-content-manager 3 serialize-javascript 3 http-live-simulator 3 json-pointer 3 docsify 3 @janhq/core 3 express-fileupload 3 webpack-dev-server 3 open-webui 3 ftp-srv 3 @intlify/core-base 3 m-server 3 notevil 3 node-ipc 3 moodle/moodle 3 slp-validate 3 object-path 3 xmldom 3 node-jose 3 socket.io-file 3 openmct 3 open-webui 3 typeorm 3 jose-node-esm-runtime 3 postcss 3 ckeditor/ckeditor 3 connect 3 stimulsoft-dashboards-js 3

Filter by Repository

https://github.com/sveltejs/kit 6