Asymmetric denial of service - ReDoS In @vitejs/plugin-rsc
Description
Vite Plugin React has a Denial of Service Vulnerability in React Server Components
Impact
@vitejs/plugin-rsc vendors react-server-dom-webpack, which contained a vulnerability in versions prior to 19.2.3. See details in React repository's advisory https://github.com/facebook/react/security/advisories/GHSA-7gmr-mq3h-m5h9
Patches
Upgrade immediately to @vitejs/[email protected] or later.
Mitigation
Update Impact
Minimal update. May introduce new vulnerabilities or breaking changes.
Ecosystem | Package | Affected version | Patched versions |
|---|---|---|---|
 npm | 0.5.7 |
Aliases
1. 2.
References
1.