VulnerableCode Package Details - pkg:npm/%40theia/plugin-ext@1.18.0

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:npm/%40theia/plugin-ext@1.18.0

purl	pkg:npm/%40theia/plugin-ext@1.18.0

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-xrub-xmts-5qc7	Insufficient Verification of Data Authenticity The @theia/plugin-ext component of Eclipse Theia, Webview contents can be hijacked via `postMessage()`.	CVE-2021-41038 GHSA-w6v7-w58j-pg5r

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-05-31T00:53:58.093070+00:00	GHSA Importer	Fixing	VCID-xrub-xmts-5qc7	https://github.com/advisories/GHSA-w6v7-w58j-pg5r	38.6.0
2026-05-30T20:56:16.674416+00:00	GitLab Importer	Fixing	VCID-xrub-xmts-5qc7	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/@theia/plugin-ext/CVE-2021-41038.yml	38.6.0