react-dom — CVE history (npm)

react-dom

1 CVEs affect the react-dom npm package (highest CVSS 6.1). Latest disclosed: 2018-12-31. Full CVE history sourced from NVD.

Summary

Package
react-dom (npm)
Total CVEs
1
Actively exploited (CISA KEV)
0
Highest CVSS
6.1
Latest disclosed
2018-12-31

Recent CVEs (top 1)

CVESeverityCVSSKEVPublishedSummary
CVE-2018-6341Medium6.12018-12-31React applications which rendered to HTML using the ReactDOMServer API were not escaping user-supplied attribute names at render-time.

All-time worst (top 1 by CVSS)

CVESeverityCVSSKEVPublishedSummary
CVE-2018-6341Medium6.12018-12-31React applications which rendered to HTML using the ReactDOMServer API were not escaping user-supplied attribute names at render-time.