react-dom — CVE history (npm)
react-dom
1 CVEs affect the react-dom npm package (highest CVSS 6.1). Latest disclosed: 2018-12-31. Full CVE history sourced from NVD.
Summary
- Package
react-dom(npm)- Total CVEs
1- Actively exploited (CISA KEV)
- 0
- Highest CVSS
6.1- Latest disclosed
- 2018-12-31
Recent CVEs (top 1)
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2018-6341 | Medium | 6.1 | — | 2018-12-31 | React applications which rendered to HTML using the ReactDOMServer API were not escaping user-supplied attribute names at render-time. |
All-time worst (top 1 by CVSS)
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2018-6341 | Medium | 6.1 | — | 2018-12-31 | React applications which rendered to HTML using the ReactDOMServer API were not escaping user-supplied attribute names at render-time. |