GHSA-88qp-p4qg-rqm6

ADVISORY - github

Summary

Versions of @sveltejs/kit prior to 2.52.2 with remote functions enabled are vulnerable to CPU exhaustion. Malformed form data can cause the server to become unresponsive while processing a request, resulting in denial of service.

Only applications using both experimental.remoteFunctions and form are vulnerable.

Common Weakness Enumeration (CWE)

ADVISORY - github

CWE-843⁠

Access of Resource Using Incompatible Type ('Type Confusion')

Impacted images

Advisories

Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.