Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A denial of service vulnerability exists in React Server Components, affecting the following packages: react-server-dom-parcel, react-server-dom-turbopack and react-server-dom-webpack (versions 19.0.0 through 19.0.4, 19.1.0 through 19.1.5, and 19.2.0 through 19.2.4). The vulnerability is triggered by sending specially crafted HTTP requests to Server Function endpoints.The payload of the HTTP request causes excessive CPU usage for up to a minute ending in a thrown error that is catchable.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
N/A
Vulnerability Title
React 安全漏洞
Vulnerability Description
React是Meta开源的一个用于构建用户界面的JavaScript库。 React存在安全漏洞,该漏洞源于处理特制HTTP请求时CPU使用率过高,可能导致拒绝服务。以下版本受到影响:react-server-dom-parcel 19.0.4及之前版本、19.1.5及之前版本和19.2.4及之前版本,react-server-dom-turbopack 19.0.4及之前版本、19.1.5及之前版本和19.2.4及之前版本,react-server-dom-webpack 19.0.4及之前版本、19.
CVSS Information
N/A
Vulnerability Type
N/A