@builder.io/qwik
npm3 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting @builder.io/qwikpage 1 of 1
- CVE-2023-0410MEDIUMCVSS 6.1EG 6.1✓ Fixed in 0.16.22023-01-20
Cross-site Scripting (XSS) - Generic in GitHub repository builderio/qwik prior to 0.1.0-beta5.
- CVE-2023-1283CRITICALCVSS 10.0EG 10.0✓ Fixed in 0.21.02023-03-08
Code Injection in GitHub repository builderio/qwik prior to 0.21.0.
- CVE-2024-41677MEDIUMCVSS 6.3EG 6.3✓ Fixed in 1.7.32024-08-06
Qwik is a performance focused javascript framework. A potential mutation XSS vulnerability exists in Qwik for versions up to but not including 1.6.0. Qwik improperly escapes HTML on server-side rendering. It converts strings according to t…
Check whether @builder.io/qwik is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for @builder.io/qwik CVEs against the assets you own.
Start Free Scan →