VulnerableCode Package Details - pkg:npm/react-router@6.0.0

Search for packages

Vulnerability	Summary	Fixed by
VCID-2bdv-sysu-ryef Aliases: CVE-2025-68470 GHSA-9jcx-v3wj-wh4m	React Router has unexpected external redirect via untrusted paths An attacker-supplied path can be crafted so that when a React Router application navigates to it via `navigate()`, `<Link>`, or `redirect()`, the app performs a navigation/redirect to an external URL. This is only an issue if developers pass untrusted content into navigation paths in their application code.	6.30.2 Affected by 0 other vulnerabilities. 7.9.6 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-2bdv-sysu-ryef
Aliases:
CVE-2025-68470
GHSA-9jcx-v3wj-wh4m

React Router has unexpected external redirect via untrusted paths An attacker-supplied path can be crafted so that when a React Router application navigates to it via `navigate()`, `<Link>`, or `redirect()`, the app performs a navigation/redirect to an external URL. This is only an issue if developers pass untrusted content into navigation paths in their application code.

6.30.2
Affected by 0 other vulnerabilities.

7.9.6
Affected by 3 other vulnerabilities.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-29T22:49:08.545569+00:00	GitLab Importer	Affected by	VCID-2bdv-sysu-ryef	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/react-router/CVE-2025-68470.yml	38.5.0
2026-04-17T00:06:33.060280+00:00	GitLab Importer	Affected by	VCID-2bdv-sysu-ryef	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/react-router/CVE-2025-68470.yml	38.4.0
2026-04-12T01:29:54.726321+00:00	GitLab Importer	Affected by	VCID-2bdv-sysu-ryef	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/react-router/CVE-2025-68470.yml	38.3.0
2026-04-03T01:38:40.329867+00:00	GitLab Importer	Affected by	VCID-2bdv-sysu-ryef	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/react-router/CVE-2025-68470.yml	38.1.0
2026-04-01T16:07:31.259265+00:00	GHSA Importer	Affected by	VCID-2bdv-sysu-ryef	https://github.com/advisories/GHSA-9jcx-v3wj-wh4m	38.0.0
2026-04-01T12:53:37.440792+00:00	GitLab Importer	Affected by	VCID-2bdv-sysu-ryef	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/react-router/CVE-2025-68470.yml	38.0.0