VulnerableCode Package Details - pkg:npm/%40remix-run/server-runtime@2.17.3

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-hwnh-8gqs-8fgj	React Router has CSRF issue in Action/Server Action Request Processing React Router (or Remix v2) is vulnerable to CSRF attacks on document POST requests to UI routes when using server-side route `action` handlers in [Framework Mode](https://reactrouter.com/start/modes#framework), or when using React Server Actions in the new unstable RSC modes. > [!NOTE] > This does not impact applications that use [Declarative Mode](https://reactrouter.com/start/modes#declarative) (`<BrowserRouter>`) or [Data Mode](https://reactrouter.com/start/modes#data) (`createBrowserRouter`/`<RouterProvider>`).	CVE-2026-22030 GHSA-h5cw-625j-3rxh

Vulnerability

Summary

Aliases

VCID-hwnh-8gqs-8fgj

React Router has CSRF issue in Action/Server Action Request Processing React Router (or Remix v2) is vulnerable to CSRF attacks on document POST requests to UI routes when using server-side route `action` handlers in [Framework Mode](https://reactrouter.com/start/modes#framework), or when using React Server Actions in the new unstable RSC modes. > [!NOTE] > This does not impact applications that use [Declarative Mode](https://reactrouter.com/start/modes#declarative) (`<BrowserRouter>`) or [Data Mode](https://reactrouter.com/start/modes#data) (`createBrowserRouter`/`<RouterProvider>`).

CVE-2026-22030
GHSA-h5cw-625j-3rxh

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-29T22:49:04.281509+00:00	GitLab Importer	Fixing	VCID-hwnh-8gqs-8fgj	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/@remix-run/server-runtime/CVE-2026-22030.yml	38.5.0
2026-04-17T00:06:29.508298+00:00	GitLab Importer	Fixing	VCID-hwnh-8gqs-8fgj	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/@remix-run/server-runtime/CVE-2026-22030.yml	38.4.0
2026-04-12T01:29:50.172983+00:00	GitLab Importer	Fixing	VCID-hwnh-8gqs-8fgj	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/@remix-run/server-runtime/CVE-2026-22030.yml	38.3.0
2026-04-03T01:38:36.207583+00:00	GitLab Importer	Fixing	VCID-hwnh-8gqs-8fgj	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/@remix-run/server-runtime/CVE-2026-22030.yml	38.1.0
2026-04-01T16:07:31.427821+00:00	GHSA Importer	Fixing	VCID-hwnh-8gqs-8fgj	https://github.com/advisories/GHSA-h5cw-625j-3rxh	38.0.0
2026-04-01T12:53:37.314824+00:00	GitLab Importer	Fixing	VCID-hwnh-8gqs-8fgj	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/@remix-run/server-runtime/CVE-2026-22030.yml	38.0.0
2026-04-01T12:52:19.311036+00:00	GithubOSV Importer	Fixing	VCID-hwnh-8gqs-8fgj	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/01/GHSA-h5cw-625j-3rxh/GHSA-h5cw-625j-3rxh.json	38.0.0