4 Total advisories
4 Vulnerabilities
0 Malware
Vulnerabilities
LOW 3.7
CVE-2025-68157
webpack buildHttp HttpUriPlugin allowedUris bypass via HTTP redirects → SSRF + cache persistence
LOW 3.7
CVE-2025-68458
webpack buildHttp: allowedUris allow-list bypass via URL userinfo (@) leading to build-time SSRF behavior
MEDIUM 6.4
CVE-2024-43788
Webpack's AutoPublicPathRuntimeModule has a DOM Clobbering Gadget that leads to XSS
CRITICAL 9.8
CVE-2023-28154
Cross-realm object access in Webpack 5
Ready to move
Start Securing
Free, no credit card | First findings in minutes