GHSA-vrhm-gvg7-fpcf

ADVISORY - github

Summary

Versions of @sveltejs/kit prior to 2.52.2 with remote functions enabled can be vulnerable to memory exhaustion. Malformed form data can cause the server process to crash due to excessive memory allocation, resulting in denial of service.

Only applications using both experimental.remoteFunctions and form are vulnerable.

Common Weakness Enumeration (CWE)

ADVISORY - github

CWE-770⁠

Allocation of Resources Without Limits or Throttling

Impacted images

Advisories

Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.