pkg:Debian/node-webpack

4 total CVEsCRITICAL1MEDIUM1LOW2

✅ Check your installed version

All known vulnerabilities

  • CRITICAL9.8CVE-2023-28154Cross-realm object access in Webpack 5
    from 0, < 4.43.0-6+deb11u1
  • MEDIUM6.4CVE-2024-43788Webpack's AutoPublicPathRuntimeModule has a DOM Clobbering Gadget that leads to XSS
    from 0
  • LOW3.7CVE-2025-68458webpack buildHttp: allowedUris allow-list bypass via URL userinfo (@) leading to build-time SSRF behavior
    from 0
  • LOW3.7CVE-2025-68157webpack buildHttp HttpUriPlugin allowedUris bypass via HTTP redirects → SSRF + cache persistence
    from 0