{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/360477?format=json","vulnerability_id":"VCID-cxqy-4aua-v3bt","summary":"Svelte: SSR XSS via Insecure Promise Serialization in hydratable\nContents of `hydratable` promises were not properly stringified, potentially leading to an XSS exploit. You are vulnerable if all of the following is true:\n- you are using `hydratable` (an experimental feature at the time of this report)\n- you are passing attacker-controlled input such that a synchronous value is hydrated, then a promise value, e.g. `hydratable('someKey', () => [synchronousValue, promiseValue])`","aliases":[{"alias":"GHSA-f3cj-j4f6-wq85"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/375429?format=json","purl":"pkg:npm/svelte@5.55.7","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/svelte@5.55.7"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/37821?format=json","purl":"pkg:npm/svelte@5.46.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3338-judc-5ke1"},{"vulnerability":"VCID-4hh1-vzj8-bqfy"},{"vulnerability":"VCID-cxqy-4aua-v3bt"},{"vulnerability":"VCID-eccr-c8xw-rqcn"},{"vulnerability":"VCID-eub6-k2yh-suhb"},{"vulnerability":"VCID-vbz4-avaq-7kh6"},{"vulnerability":"VCID-w8kg-2qq6-xyet"},{"vulnerability":"VCID-x1g1-8b9m-5yhz"},{"vulnerability":"VCID-zmre-1nsj-9ug6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/svelte@5.46.0"},{"url":"http://public2.vulnerablecode.io/api/packages/923179?format=json","purl":"pkg:npm/svelte@5.46.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3338-judc-5ke1"},{"vulnerability":"VCID-4hh1-vzj8-bqfy"},{"vulnerability":"VCID-cxqy-4aua-v3bt"},{"vulnerability":"VCID-eccr-c8xw-rqcn"},{"vulnerability":"VCID-eub6-k2yh-suhb"},{"vulnerability":"VCID-vbz4-avaq-7kh6"},{"vulnerability":"VCID-w8kg-2qq6-xyet"},{"vulnerability":"VCID-x1g1-8b9m-5yhz"},{"vulnerability":"VCID-zmre-1nsj-9ug6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/svelte@5.46.1"},{"url":"http://public2.vulnerablecode.io/api/packages/37822?format=json","purl":"pkg:npm/svelte@5.46.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3338-judc-5ke1"},{"vulnerability":"VCID-4hh1-vzj8-bqfy"},{"vulnerability":"VCID-cxqy-4aua-v3bt"},{"vulnerability":"VCID-eccr-c8xw-rqcn"},{"vulnerability":"VCID-eub6-k2yh-suhb"},{"vulnerability":"VCID-vbz4-avaq-7kh6"},{"vulnerability":"VCID-w8kg-2qq6-xyet"},{"vulnerability":"VCID-x1g1-8b9m-5yhz"},{"vulnerability":"VCID-zmre-1nsj-9ug6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/svelte@5.46.3"},{"url":"http://public2.vulnerablecode.io/api/packages/37823?format=json","purl":"pkg:npm/svelte@5.46.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3338-judc-5ke1"},{"vulnerability":"VCID-4hh1-vzj8-bqfy"},{"vulnerability":"VCID-cxqy-4aua-v3bt"},{"vulnerability":"VCID-eub6-k2yh-suhb"},{"vulnerability":"VCID-vbz4-avaq-7kh6"},{"vulnerability":"VCID-w8kg-2qq6-xyet"},{"vulnerability":"VCID-x1g1-8b9m-5yhz"},{"vulnerability":"VCID-zmre-1nsj-9ug6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/svelte@5.46.4"},{"url":"http://public2.vulnerablecode.io/api/packages/949354?format=json","purl":"pkg:npm/svelte@5.47.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3338-judc-5ke1"},{"vulnerability":"VCID-4hh1-vzj8-bqfy"},{"vulnerability":"VCID-cxqy-4aua-v3bt"},{"vulnerability":"VCID-eub6-k2yh-suhb"},{"vulnerability":"VCID-vbz4-avaq-7kh6"},{"vulnerability":"VCID-w8kg-2qq6-xyet"},{"vulnerability":"VCID-x1g1-8b9m-5yhz"},{"vulnerability":"VCID-zmre-1nsj-9ug6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/svelte@5.47.0"},{"url":"http://public2.vulnerablecode.io/api/packages/949355?format=json","purl":"pkg:npm/svelte@5.47.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3338-judc-5ke1"},{"vulnerability":"VCID-4hh1-vzj8-bqfy"},{"vulnerability":"VCID-cxqy-4aua-v3bt"},{"vulnerability":"VCID-eub6-k2yh-suhb"},{"vulnerability":"VCID-vbz4-avaq-7kh6"},{"vulnerability":"VCID-w8kg-2qq6-xyet"},{"vulnerability":"VCID-x1g1-8b9m-5yhz"},{"vulnerability":"VCID-zmre-1nsj-9ug6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/svelte@5.47.1"},{"url":"http://public2.vulnerablecode.io/api/packages/949356?format=json","purl":"pkg:npm/svelte@5.48.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3338-judc-5ke1"},{"vulnerability":"VCID-4hh1-vzj8-bqfy"},{"vulnerability":"VCID-cxqy-4aua-v3bt"},{"vulnerability":"VCID-eub6-k2yh-suhb"},{"vulnerability":"VCID-vbz4-avaq-7kh6"},{"vulnerability":"VCID-w8kg-2qq6-xyet"},{"vulnerability":"VCID-x1g1-8b9m-5yhz"},{"vulnerability":"VCID-zmre-1nsj-9ug6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/svelte@5.48.0"},{"url":"http://public2.vulnerablecode.io/api/packages/949357?format=json","purl":"pkg:npm/svelte@5.48.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3338-judc-5ke1"},{"vulnerability":"VCID-4hh1-vzj8-bqfy"},{"vulnerability":"VCID-cxqy-4aua-v3bt"},{"vulnerability":"VCID-eub6-k2yh-suhb"},{"vulnerability":"VCID-vbz4-avaq-7kh6"},{"vulnerability":"VCID-w8kg-2qq6-xyet"},{"vulnerability":"VCID-x1g1-8b9m-5yhz"},{"vulnerability":"VCID-zmre-1nsj-9ug6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/svelte@5.48.1"},{"url":"http://public2.vulnerablecode.io/api/packages/949358?format=json","purl":"pkg:npm/svelte@5.48.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3338-judc-5ke1"},{"vulnerability":"VCID-4hh1-vzj8-bqfy"},{"vulnerability":"VCID-cxqy-4aua-v3bt"},{"vulnerability":"VCID-eub6-k2yh-suhb"},{"vulnerability":"VCID-vbz4-avaq-7kh6"},{"vulnerability":"VCID-w8kg-2qq6-xyet"},{"vulnerability":"VCID-x1g1-8b9m-5yhz"},{"vulnerability":"VCID-zmre-1nsj-9ug6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/svelte@5.48.2"},{"url":"http://public2.vulnerablecode.io/api/packages/949359?format=json","purl":"pkg:npm/svelte@5.48.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3338-judc-5ke1"},{"vulnerability":"VCID-4hh1-vzj8-bqfy"},{"vulnerability":"VCID-cxqy-4aua-v3bt"},{"vulnerability":"VCID-eub6-k2yh-suhb"},{"vulnerability":"VCID-vbz4-avaq-7kh6"},{"vulnerability":"VCID-w8kg-2qq6-xyet"},{"vulnerability":"VCID-x1g1-8b9m-5yhz"},{"vulnerability":"VCID-zmre-1nsj-9ug6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/svelte@5.48.3"},{"url":"http://public2.vulnerablecode.io/api/packages/949360?format=json","purl":"pkg:npm/svelte@5.48.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3338-judc-5ke1"},{"vulnerability":"VCID-4hh1-vzj8-bqfy"},{"vulnerability":"VCID-cxqy-4aua-v3bt"},{"vulnerability":"VCID-eub6-k2yh-suhb"},{"vulnerability":"VCID-vbz4-avaq-7kh6"},{"vulnerability":"VCID-w8kg-2qq6-xyet"},{"vulnerability":"VCID-x1g1-8b9m-5yhz"},{"vulnerability":"VCID-zmre-1nsj-9ug6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/svelte@5.48.4"},{"url":"http://public2.vulnerablecode.io/api/packages/949361?format=json","purl":"pkg:npm/svelte@5.48.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3338-judc-5ke1"},{"vulnerability":"VCID-4hh1-vzj8-bqfy"},{"vulnerability":"VCID-cxqy-4aua-v3bt"},{"vulnerability":"VCID-eub6-k2yh-suhb"},{"vulnerability":"VCID-vbz4-avaq-7kh6"},{"vulnerability":"VCID-w8kg-2qq6-xyet"},{"vulnerability":"VCID-x1g1-8b9m-5yhz"},{"vulnerability":"VCID-zmre-1nsj-9ug6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/svelte@5.48.5"},{"url":"http://public2.vulnerablecode.io/api/packages/949362?format=json","purl":"pkg:npm/svelte@5.49.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3338-judc-5ke1"},{"vulnerability":"VCID-4hh1-vzj8-bqfy"},{"vulnerability":"VCID-cxqy-4aua-v3bt"},{"vulnerability":"VCID-eub6-k2yh-suhb"},{"vulnerability":"VCID-vbz4-avaq-7kh6"},{"vulnerability":"VCID-w8kg-2qq6-xyet"},{"vulnerability":"VCID-x1g1-8b9m-5yhz"},{"vulnerability":"VCID-zmre-1nsj-9ug6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/svelte@5.49.0"},{"url":"http://public2.vulnerablecode.io/api/packages/949363?format=json","purl":"pkg:npm/svelte@5.49.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3338-judc-5ke1"},{"vulnerability":"VCID-4hh1-vzj8-bqfy"},{"vulnerability":"VCID-cxqy-4aua-v3bt"},{"vulnerability":"VCID-eub6-k2yh-suhb"},{"vulnerability":"VCID-vbz4-avaq-7kh6"},{"vulnerability":"VCID-w8kg-2qq6-xyet"},{"vulnerability":"VCID-x1g1-8b9m-5yhz"},{"vulnerability":"VCID-zmre-1nsj-9ug6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/svelte@5.49.1"},{"url":"http://public2.vulnerablecode.io/api/packages/949364?format=json","purl":"pkg:npm/svelte@5.49.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3338-judc-5ke1"},{"vulnerability":"VCID-4hh1-vzj8-bqfy"},{"vulnerability":"VCID-cxqy-4aua-v3bt"},{"vulnerability":"VCID-eub6-k2yh-suhb"},{"vulnerability":"VCID-vbz4-avaq-7kh6"},{"vulnerability":"VCID-w8kg-2qq6-xyet"},{"vulnerability":"VCID-x1g1-8b9m-5yhz"},{"vulnerability":"VCID-zmre-1nsj-9ug6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/svelte@5.49.2"},{"url":"http://public2.vulnerablecode.io/api/packages/949365?format=json","purl":"pkg:npm/svelte@5.50.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3338-judc-5ke1"},{"vulnerability":"VCID-4hh1-vzj8-bqfy"},{"vulnerability":"VCID-cxqy-4aua-v3bt"},{"vulnerability":"VCID-eub6-k2yh-suhb"},{"vulnerability":"VCID-vbz4-avaq-7kh6"},{"vulnerability":"VCID-w8kg-2qq6-xyet"},{"vulnerability":"VCID-x1g1-8b9m-5yhz"},{"vulnerability":"VCID-zmre-1nsj-9ug6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/svelte@5.50.0"},{"url":"http://public2.vulnerablecode.io/api/packages/949366?format=json","purl":"pkg:npm/svelte@5.50.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3338-judc-5ke1"},{"vulnerability":"VCID-4hh1-vzj8-bqfy"},{"vulnerability":"VCID-cxqy-4aua-v3bt"},{"vulnerability":"VCID-eub6-k2yh-suhb"},{"vulnerability":"VCID-vbz4-avaq-7kh6"},{"vulnerability":"VCID-w8kg-2qq6-xyet"},{"vulnerability":"VCID-x1g1-8b9m-5yhz"},{"vulnerability":"VCID-zmre-1nsj-9ug6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/svelte@5.50.1"},{"url":"http://public2.vulnerablecode.io/api/packages/949367?format=json","purl":"pkg:npm/svelte@5.50.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3338-judc-5ke1"},{"vulnerability":"VCID-4hh1-vzj8-bqfy"},{"vulnerability":"VCID-cxqy-4aua-v3bt"},{"vulnerability":"VCID-eub6-k2yh-suhb"},{"vulnerability":"VCID-vbz4-avaq-7kh6"},{"vulnerability":"VCID-w8kg-2qq6-xyet"},{"vulnerability":"VCID-x1g1-8b9m-5yhz"},{"vulnerability":"VCID-zmre-1nsj-9ug6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/svelte@5.50.2"},{"url":"http://public2.vulnerablecode.io/api/packages/949368?format=json","purl":"pkg:npm/svelte@5.50.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3338-judc-5ke1"},{"vulnerability":"VCID-4hh1-vzj8-bqfy"},{"vulnerability":"VCID-cxqy-4aua-v3bt"},{"vulnerability":"VCID-eub6-k2yh-suhb"},{"vulnerability":"VCID-vbz4-avaq-7kh6"},{"vulnerability":"VCID-w8kg-2qq6-xyet"},{"vulnerability":"VCID-x1g1-8b9m-5yhz"},{"vulnerability":"VCID-zmre-1nsj-9ug6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/svelte@5.50.3"},{"url":"http://public2.vulnerablecode.io/api/packages/949369?format=json","purl":"pkg:npm/svelte@5.51.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3338-judc-5ke1"},{"vulnerability":"VCID-4hh1-vzj8-bqfy"},{"vulnerability":"VCID-cxqy-4aua-v3bt"},{"vulnerability":"VCID-eub6-k2yh-suhb"},{"vulnerability":"VCID-vbz4-avaq-7kh6"},{"vulnerability":"VCID-w8kg-2qq6-xyet"},{"vulnerability":"VCID-x1g1-8b9m-5yhz"},{"vulnerability":"VCID-zmre-1nsj-9ug6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/svelte@5.51.0"},{"url":"http://public2.vulnerablecode.io/api/packages/949370?format=json","purl":"pkg:npm/svelte@5.51.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3338-judc-5ke1"},{"vulnerability":"VCID-4hh1-vzj8-bqfy"},{"vulnerability":"VCID-cxqy-4aua-v3bt"},{"vulnerability":"VCID-eub6-k2yh-suhb"},{"vulnerability":"VCID-vbz4-avaq-7kh6"},{"vulnerability":"VCID-w8kg-2qq6-xyet"},{"vulnerability":"VCID-x1g1-8b9m-5yhz"},{"vulnerability":"VCID-zmre-1nsj-9ug6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/svelte@5.51.1"},{"url":"http://public2.vulnerablecode.io/api/packages/949371?format=json","purl":"pkg:npm/svelte@5.51.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3338-judc-5ke1"},{"vulnerability":"VCID-4hh1-vzj8-bqfy"},{"vulnerability":"VCID-cxqy-4aua-v3bt"},{"vulnerability":"VCID-eub6-k2yh-suhb"},{"vulnerability":"VCID-vbz4-avaq-7kh6"},{"vulnerability":"VCID-w8kg-2qq6-xyet"},{"vulnerability":"VCID-x1g1-8b9m-5yhz"},{"vulnerability":"VCID-zmre-1nsj-9ug6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/svelte@5.51.2"},{"url":"http://public2.vulnerablecode.io/api/packages/949372?format=json","purl":"pkg:npm/svelte@5.51.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3338-judc-5ke1"},{"vulnerability":"VCID-4hh1-vzj8-bqfy"},{"vulnerability":"VCID-cxqy-4aua-v3bt"},{"vulnerability":"VCID-eub6-k2yh-suhb"},{"vulnerability":"VCID-vbz4-avaq-7kh6"},{"vulnerability":"VCID-w8kg-2qq6-xyet"},{"vulnerability":"VCID-x1g1-8b9m-5yhz"},{"vulnerability":"VCID-zmre-1nsj-9ug6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/svelte@5.51.3"},{"url":"http://public2.vulnerablecode.io/api/packages/39425?format=json","purl":"pkg:npm/svelte@5.51.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3338-judc-5ke1"},{"vulnerability":"VCID-4hh1-vzj8-bqfy"},{"vulnerability":"VCID-cxqy-4aua-v3bt"},{"vulnerability":"VCID-eub6-k2yh-suhb"},{"vulnerability":"VCID-vbz4-avaq-7kh6"},{"vulnerability":"VCID-w8kg-2qq6-xyet"},{"vulnerability":"VCID-x1g1-8b9m-5yhz"},{"vulnerability":"VCID-zmre-1nsj-9ug6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/svelte@5.51.4"},{"url":"http://public2.vulnerablecode.io/api/packages/39423?format=json","purl":"pkg:npm/svelte@5.51.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3338-judc-5ke1"},{"vulnerability":"VCID-cxqy-4aua-v3bt"},{"vulnerability":"VCID-eub6-k2yh-suhb"},{"vulnerability":"VCID-vbz4-avaq-7kh6"},{"vulnerability":"VCID-ycam-n781-gkf8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/svelte@5.51.5"},{"url":"http://public2.vulnerablecode.io/api/packages/952979?format=json","purl":"pkg:npm/svelte@5.52.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3338-judc-5ke1"},{"vulnerability":"VCID-cxqy-4aua-v3bt"},{"vulnerability":"VCID-eub6-k2yh-suhb"},{"vulnerability":"VCID-vbz4-avaq-7kh6"},{"vulnerability":"VCID-ycam-n781-gkf8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/svelte@5.52.0"},{"url":"http://public2.vulnerablecode.io/api/packages/39935?format=json","purl":"pkg:npm/svelte@5.53.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3338-judc-5ke1"},{"vulnerability":"VCID-6vyz-9hn8-fke1"},{"vulnerability":"VCID-cxqy-4aua-v3bt"},{"vulnerability":"VCID-eub6-k2yh-suhb"},{"vulnerability":"VCID-vbz4-avaq-7kh6"},{"vulnerability":"VCID-ycam-n781-gkf8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/svelte@5.53.0"},{"url":"http://public2.vulnerablecode.io/api/packages/952976?format=json","purl":"pkg:npm/svelte@5.53.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3338-judc-5ke1"},{"vulnerability":"VCID-6vyz-9hn8-fke1"},{"vulnerability":"VCID-cxqy-4aua-v3bt"},{"vulnerability":"VCID-eub6-k2yh-suhb"},{"vulnerability":"VCID-vbz4-avaq-7kh6"},{"vulnerability":"VCID-ycam-n781-gkf8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/svelte@5.53.1"},{"url":"http://public2.vulnerablecode.io/api/packages/952977?format=json","purl":"pkg:npm/svelte@5.53.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3338-judc-5ke1"},{"vulnerability":"VCID-6vyz-9hn8-fke1"},{"vulnerability":"VCID-cxqy-4aua-v3bt"},{"vulnerability":"VCID-eub6-k2yh-suhb"},{"vulnerability":"VCID-vbz4-avaq-7kh6"},{"vulnerability":"VCID-ycam-n781-gkf8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/svelte@5.53.2"},{"url":"http://public2.vulnerablecode.io/api/packages/952978?format=json","purl":"pkg:npm/svelte@5.53.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3338-judc-5ke1"},{"vulnerability":"VCID-6vyz-9hn8-fke1"},{"vulnerability":"VCID-cxqy-4aua-v3bt"},{"vulnerability":"VCID-eub6-k2yh-suhb"},{"vulnerability":"VCID-vbz4-avaq-7kh6"},{"vulnerability":"VCID-ycam-n781-gkf8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/svelte@5.53.3"},{"url":"http://public2.vulnerablecode.io/api/packages/39933?format=json","purl":"pkg:npm/svelte@5.53.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3338-judc-5ke1"},{"vulnerability":"VCID-6vyz-9hn8-fke1"},{"vulnerability":"VCID-cxqy-4aua-v3bt"},{"vulnerability":"VCID-eub6-k2yh-suhb"},{"vulnerability":"VCID-vbz4-avaq-7kh6"},{"vulnerability":"VCID-ycam-n781-gkf8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/svelte@5.53.4"},{"url":"http://public2.vulnerablecode.io/api/packages/39934?format=json","purl":"pkg:npm/svelte@5.53.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3338-judc-5ke1"},{"vulnerability":"VCID-cxqy-4aua-v3bt"},{"vulnerability":"VCID-vbz4-avaq-7kh6"},{"vulnerability":"VCID-ycam-n781-gkf8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/svelte@5.53.5"},{"url":"http://public2.vulnerablecode.io/api/packages/1166061?format=json","purl":"pkg:npm/svelte@5.53.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3338-judc-5ke1"},{"vulnerability":"VCID-cxqy-4aua-v3bt"},{"vulnerability":"VCID-vbz4-avaq-7kh6"},{"vulnerability":"VCID-ycam-n781-gkf8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/svelte@5.53.6"},{"url":"http://public2.vulnerablecode.io/api/packages/1166062?format=json","purl":"pkg:npm/svelte@5.53.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3338-judc-5ke1"},{"vulnerability":"VCID-cxqy-4aua-v3bt"},{"vulnerability":"VCID-vbz4-avaq-7kh6"},{"vulnerability":"VCID-ycam-n781-gkf8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/svelte@5.53.7"},{"url":"http://public2.vulnerablecode.io/api/packages/1166063?format=json","purl":"pkg:npm/svelte@5.53.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3338-judc-5ke1"},{"vulnerability":"VCID-cxqy-4aua-v3bt"},{"vulnerability":"VCID-vbz4-avaq-7kh6"},{"vulnerability":"VCID-ycam-n781-gkf8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/svelte@5.53.8"},{"url":"http://public2.vulnerablecode.io/api/packages/1166064?format=json","purl":"pkg:npm/svelte@5.53.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3338-judc-5ke1"},{"vulnerability":"VCID-cxqy-4aua-v3bt"},{"vulnerability":"VCID-vbz4-avaq-7kh6"},{"vulnerability":"VCID-ycam-n781-gkf8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/svelte@5.53.9"},{"url":"http://public2.vulnerablecode.io/api/packages/1166065?format=json","purl":"pkg:npm/svelte@5.53.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3338-judc-5ke1"},{"vulnerability":"VCID-cxqy-4aua-v3bt"},{"vulnerability":"VCID-vbz4-avaq-7kh6"},{"vulnerability":"VCID-ycam-n781-gkf8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/svelte@5.53.10"},{"url":"http://public2.vulnerablecode.io/api/packages/1166066?format=json","purl":"pkg:npm/svelte@5.53.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3338-judc-5ke1"},{"vulnerability":"VCID-cxqy-4aua-v3bt"},{"vulnerability":"VCID-vbz4-avaq-7kh6"},{"vulnerability":"VCID-ycam-n781-gkf8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/svelte@5.53.11"},{"url":"http://public2.vulnerablecode.io/api/packages/1166067?format=json","purl":"pkg:npm/svelte@5.53.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3338-judc-5ke1"},{"vulnerability":"VCID-cxqy-4aua-v3bt"},{"vulnerability":"VCID-vbz4-avaq-7kh6"},{"vulnerability":"VCID-ycam-n781-gkf8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/svelte@5.53.12"},{"url":"http://public2.vulnerablecode.io/api/packages/1166068?format=json","purl":"pkg:npm/svelte@5.53.13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3338-judc-5ke1"},{"vulnerability":"VCID-cxqy-4aua-v3bt"},{"vulnerability":"VCID-vbz4-avaq-7kh6"},{"vulnerability":"VCID-ycam-n781-gkf8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/svelte@5.53.13"},{"url":"http://public2.vulnerablecode.io/api/packages/1166069?format=json","purl":"pkg:npm/svelte@5.54.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3338-judc-5ke1"},{"vulnerability":"VCID-cxqy-4aua-v3bt"},{"vulnerability":"VCID-vbz4-avaq-7kh6"},{"vulnerability":"VCID-ycam-n781-gkf8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/svelte@5.54.0"},{"url":"http://public2.vulnerablecode.io/api/packages/1166070?format=json","purl":"pkg:npm/svelte@5.54.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3338-judc-5ke1"},{"vulnerability":"VCID-cxqy-4aua-v3bt"},{"vulnerability":"VCID-vbz4-avaq-7kh6"},{"vulnerability":"VCID-ycam-n781-gkf8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/svelte@5.54.1"},{"url":"http://public2.vulnerablecode.io/api/packages/1166071?format=json","purl":"pkg:npm/svelte@5.55.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3338-judc-5ke1"},{"vulnerability":"VCID-cxqy-4aua-v3bt"},{"vulnerability":"VCID-vbz4-avaq-7kh6"},{"vulnerability":"VCID-ycam-n781-gkf8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/svelte@5.55.0"},{"url":"http://public2.vulnerablecode.io/api/packages/1166072?format=json","purl":"pkg:npm/svelte@5.55.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3338-judc-5ke1"},{"vulnerability":"VCID-cxqy-4aua-v3bt"},{"vulnerability":"VCID-vbz4-avaq-7kh6"},{"vulnerability":"VCID-ycam-n781-gkf8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/svelte@5.55.1"},{"url":"http://public2.vulnerablecode.io/api/packages/1166073?format=json","purl":"pkg:npm/svelte@5.55.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3338-judc-5ke1"},{"vulnerability":"VCID-cxqy-4aua-v3bt"},{"vulnerability":"VCID-vbz4-avaq-7kh6"},{"vulnerability":"VCID-ycam-n781-gkf8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/svelte@5.55.2"},{"url":"http://public2.vulnerablecode.io/api/packages/1166074?format=json","purl":"pkg:npm/svelte@5.55.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3338-judc-5ke1"},{"vulnerability":"VCID-cxqy-4aua-v3bt"},{"vulnerability":"VCID-vbz4-avaq-7kh6"},{"vulnerability":"VCID-ycam-n781-gkf8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/svelte@5.55.3"},{"url":"http://public2.vulnerablecode.io/api/packages/1166075?format=json","purl":"pkg:npm/svelte@5.55.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3338-judc-5ke1"},{"vulnerability":"VCID-cxqy-4aua-v3bt"},{"vulnerability":"VCID-vbz4-avaq-7kh6"},{"vulnerability":"VCID-ycam-n781-gkf8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/svelte@5.55.4"},{"url":"http://public2.vulnerablecode.io/api/packages/1166076?format=json","purl":"pkg:npm/svelte@5.55.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3338-judc-5ke1"},{"vulnerability":"VCID-cxqy-4aua-v3bt"},{"vulnerability":"VCID-vbz4-avaq-7kh6"},{"vulnerability":"VCID-ycam-n781-gkf8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/svelte@5.55.5"},{"url":"http://public2.vulnerablecode.io/api/packages/1087253?format=json","purl":"pkg:npm/svelte@5.55.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3338-judc-5ke1"},{"vulnerability":"VCID-cxqy-4aua-v3bt"},{"vulnerability":"VCID-vbz4-avaq-7kh6"},{"vulnerability":"VCID-ycam-n781-gkf8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/svelte@5.55.6"}],"references":[{"reference_url":"http://github.com/sveltejs/svelte/releases/tag/svelte%405.55.7","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://github.com/sveltejs/svelte/releases/tag/svelte%405.55.7"},{"reference_url":"https://github.com/sveltejs/svelte","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sveltejs/svelte"},{"reference_url":"https://github.com/sveltejs/svelte/commit/a16ebc67bbcf8f708360195687e1b2719463e1a4","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sveltejs/svelte/commit/a16ebc67bbcf8f708360195687e1b2719463e1a4"},{"reference_url":"https://github.com/sveltejs/svelte/security/advisories/GHSA-f3cj-j4f6-wq85","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sveltejs/svelte/security/advisories/GHSA-f3cj-j4f6-wq85"},{"reference_url":"https://github.com/advisories/GHSA-f3cj-j4f6-wq85","reference_id":"GHSA-f3cj-j4f6-wq85","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-f3cj-j4f6-wq85"}],"weaknesses":[{"cwe_id":79,"name":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","description":"The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users."},{"cwe_id":937,"name":"OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."},{"cwe_id":1035,"name":"OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."}],"exploits":[],"severity_range_score":"4.0 - 6.9","exploitability":"0.5","weighted_severity":"6.2","risk_score":3.1,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cxqy-4aua-v3bt"}