webpack — Vulnerabilities & Security Advisories 3

All 3 CVE vulnerabilities found in webpack, with AI-generated Chinese analysis, references, and POCs.

CVE ID	Title	CVSS	Severity	Published
CVE-2025-68157	webpack buildHttp HttpUriPlugin allowedUris bypass via HTTP redirects CWE-918	3.7	Low	2026-02-05
CVE-2025-68458	webpack buildHttp: allowedUris allow-list bypass via URL userinfo (@) leading to build-time SSRF behavior CWE-918	3.7	Low	2026-02-05
CVE-2024-43788	DOM Clobbering Gadget found in Webpack's AutoPublicPathRuntimeModule that leads to Cross-site Scripting (XSS) CWE-79	6.4	Medium	2024-08-27

All 3 known CVE vulnerabilities affecting webpack with full Chinese analysis, references, and POCs where available.