FLAT-LRU4O (GHSA-hgv7-v322-mmgr)
Sensitive information sent insecurely In @sveltejs/kit
2.1
Low
Ecosystem: Npm
Package: @sveltejs/kit
FLAT-N07PB (CVE-2026-40074)
Insecure deserialization In @sveltejs/kit
1.7
Low
Ecosystem: Npm
Package: @sveltejs/kit
FLAT-EGYL9 (CVE-2026-40073)
Inadequate file size control In @sveltejs/kit
4.6
Medium
Ecosystem: Npm
Package: @sveltejs/kit
FLAT-50E65 (GHSA-fpg4-jhqr-589c)
Inadequate file size control In @sveltejs/kit
1.7
Low
Ecosystem: Npm
Package: @sveltejs/kit
FLAT-GN7JX (GHSA-88qp-p4qg-rqm6)
Lack of data validation - Type confusion In @sveltejs/kit
2.7
Low
Ecosystem: Npm
Package: @sveltejs/kit
FLAT-EWWTM (GHSA-vrhm-gvg7-fpcf)
Improper resource allocation In @sveltejs/kit
4.6
Medium
Ecosystem: Npm
Package: @sveltejs/kit
FLAT-DZEHK (CVE-2026-22803)
Lack of data validation In @sveltejs/kit
4.6
Medium
Ecosystem: Npm
Package: @sveltejs/kit
FLAT-9BNZ9 (CVE-2025-67647)
Server-side request forgery (SSRF) In @sveltejs/kit
5.0
Medium
Ecosystem: Npm
Package: @sveltejs/kit
FLAT-595H4 (CVE-2025-32388)
Reflected cross-site scripting (XSS) In @sveltejs/kit
1.3
Low
Ecosystem: Npm
Package: @sveltejs/kit
FLAT-ZMCML (CVE-2024-53261)
Reflected cross-site scripting (XSS) In @sveltejs/kit
1.2
Low
Ecosystem: Npm
Package: @sveltejs/kit
FLAT-OTQ1F (CVE-2024-53262)
Server side cross-site scripting In @sveltejs/kit
0.6
Low
Ecosystem: Npm
Package: @sveltejs/kit
FLAT-0V1C8 (CVE-2024-23641)
Lack of data validation In @sveltejs/kit
6.6
Medium
Ecosystem: Npm
Package: @sveltejs/kit
FLAT-JMCUO (CVE-2023-29008)
Server-side request forgery (SSRF) In @sveltejs/kit
7.7
High
Ecosystem: Npm
Package: @sveltejs/kit
FLAT-NWBZB (CVE-2023-29003)
Cross-site request forgery In @sveltejs/kit
6.3
Medium
Ecosystem: Npm
Package: @sveltejs/kit