VulnerableCode Package Details - pkg:npm/vite@5.1.7

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:npm/vite@5.1.7

purl	pkg:npm/vite@5.1.7

Next non-vulnerable version	5.1.8
Latest non-vulnerable version	7.1.11
Risk	3.1

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-mfry-5z57-n7ad Aliases: CVE-2024-45811 GHSA-9cwx-2883-4wfx		5.1.8 Affected by 0 other vulnerabilities. 5.2.14 Affected by 0 other vulnerabilities. 5.3.6 Affected by 0 other vulnerabilities. 5.4.6 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-mfry-5z57-n7ad
Aliases:
CVE-2024-45811
GHSA-9cwx-2883-4wfx

5.1.8
Affected by 0 other vulnerabilities.

5.2.14
Affected by 0 other vulnerabilities.

5.3.6
Affected by 0 other vulnerabilities.

5.4.6
Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-xbcf-jm6w-vyeu	Vite's `server.fs.deny` did not deny requests for patterns with directories. [Vite dev server option](https://vitejs.dev/config/server-options.html#server-fs-deny) `server.fs.deny` did not deny requests for patterns with directories. An example of such a pattern is `/foo/*/`.	GHSA-8jhw-289h-jh2g

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-05-31T01:04:51.529501+00:00	GHSA Importer	Affected by	VCID-mfry-5z57-n7ad	https://github.com/advisories/GHSA-9cwx-2883-4wfx	38.6.0
2026-05-30T21:03:45.540739+00:00	GitLab Importer	Fixing	VCID-xbcf-jm6w-vyeu	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/vite/GHSA-8jhw-289h-jh2g.yml	38.6.0