Add CVE-2024-45047 in Svelte

RetireJS · Sep 2, 2024 · 511a275 · 511a275
1 parent e4e8e17
commit 511a275
Show file tree

Hide file tree

Showing 5 changed files with 105 additions and 0 deletions.
diff --git a/repository/jsrepository-master.json b/repository/jsrepository-master.json
@@ -4474,6 +4474,27 @@
   },
   "svelte": {
     "vulnerabilities": [
+      {
+        "ranges": [
+          {
+            "below": "4.2.19"
+          }
+        ],
+        "summary": "Svelte has a potential mXSS vulnerability due to improper HTML escaping",
+        "cwe": ["CWE-79"],
+        "severity": "medium",
+        "identifiers": {
+          "CVE": ["CVE-2024-45047"],
+          "githubID": "GHSA-8266-84wp-wv5c"
+        },
+        "info": [
+          "https://github.com/advisories/GHSA-8266-84wp-wv5c",
+          "https://github.com/sveltejs/svelte/security/advisories/GHSA-8266-84wp-wv5c",
+          "https://nvd.nist.gov/vuln/detail/CVE-2024-45047",
+          "https://github.com/sveltejs/svelte/commit/83e96e044deb5ecbae2af361ae9e31d3e1ac43a3",
+          "https://github.com/sveltejs/svelte"
+        ]
+      },
       {
         "ranges": [
           {

diff --git a/repository/jsrepository-v2.json b/repository/jsrepository-v2.json
@@ -5878,6 +5878,27 @@
         "info": [
           "https://github.com/sveltejs/svelte/pull/7530"
         ]
+      },
+      {
+        "below": "4.2.19",
+        "cwe": [
+          "CWE-79"
+        ],
+        "severity": "medium",
+        "identifiers": {
+          "summary": "Svelte has a potential mXSS vulnerability due to improper HTML escaping",
+          "CVE": [
+            "CVE-2024-45047"
+          ],
+          "githubID": "GHSA-8266-84wp-wv5c"
+        },
+        "info": [
+          "https://github.com/advisories/GHSA-8266-84wp-wv5c",
+          "https://github.com/sveltejs/svelte/security/advisories/GHSA-8266-84wp-wv5c",
+          "https://nvd.nist.gov/vuln/detail/CVE-2024-45047",
+          "https://github.com/sveltejs/svelte/commit/83e96e044deb5ecbae2af361ae9e31d3e1ac43a3",
+          "https://github.com/sveltejs/svelte"
+        ]
       }
     ],
     "extractors": {

diff --git a/repository/jsrepository-v3.json b/repository/jsrepository-v3.json
@@ -6021,6 +6021,27 @@
           "info": [
             "https://github.com/sveltejs/svelte/pull/7530"
           ]
+        },
+        {
+          "below": "4.2.19",
+          "cwe": [
+            "CWE-79"
+          ],
+          "severity": "medium",
+          "identifiers": {
+            "summary": "Svelte has a potential mXSS vulnerability due to improper HTML escaping",
+            "CVE": [
+              "CVE-2024-45047"
+            ],
+            "githubID": "GHSA-8266-84wp-wv5c"
+          },
+          "info": [
+            "https://github.com/advisories/GHSA-8266-84wp-wv5c",
+            "https://github.com/sveltejs/svelte/security/advisories/GHSA-8266-84wp-wv5c",
+            "https://nvd.nist.gov/vuln/detail/CVE-2024-45047",
+            "https://github.com/sveltejs/svelte/commit/83e96e044deb5ecbae2af361ae9e31d3e1ac43a3",
+            "https://github.com/sveltejs/svelte"
+          ]
         }
       ],
       "extractors": {

diff --git a/repository/jsrepository-v4.json b/repository/jsrepository-v4.json
@@ -6020,6 +6020,27 @@
         "info": [
           "https://github.com/sveltejs/svelte/pull/7530"
         ]
+      },
+      {
+        "below": "4.2.19",
+        "cwe": [
+          "CWE-79"
+        ],
+        "severity": "medium",
+        "identifiers": {
+          "summary": "Svelte has a potential mXSS vulnerability due to improper HTML escaping",
+          "CVE": [
+            "CVE-2024-45047"
+          ],
+          "githubID": "GHSA-8266-84wp-wv5c"
+        },
+        "info": [
+          "https://github.com/advisories/GHSA-8266-84wp-wv5c",
+          "https://github.com/sveltejs/svelte/security/advisories/GHSA-8266-84wp-wv5c",
+          "https://nvd.nist.gov/vuln/detail/CVE-2024-45047",
+          "https://github.com/sveltejs/svelte/commit/83e96e044deb5ecbae2af361ae9e31d3e1ac43a3",
+          "https://github.com/sveltejs/svelte"
+        ]
       }
     ],
     "extractors": {

diff --git a/repository/jsrepository.json b/repository/jsrepository.json
@@ -5821,6 +5821,27 @@
         "info": [
           "https://github.com/sveltejs/svelte/pull/7530"
         ]
+      },
+      {
+        "below": "4.2.19",
+        "cwe": [
+          "CWE-79"
+        ],
+        "severity": "medium",
+        "identifiers": {
+          "summary": "Svelte has a potential mXSS vulnerability due to improper HTML escaping",
+          "CVE": [
+            "CVE-2024-45047"
+          ],
+          "githubID": "GHSA-8266-84wp-wv5c"
+        },
+        "info": [
+          "https://github.com/advisories/GHSA-8266-84wp-wv5c",
+          "https://github.com/sveltejs/svelte/security/advisories/GHSA-8266-84wp-wv5c",
+          "https://nvd.nist.gov/vuln/detail/CVE-2024-45047",
+          "https://github.com/sveltejs/svelte/commit/83e96e044deb5ecbae2af361ae9e31d3e1ac43a3",
+          "https://github.com/sveltejs/svelte"
+        ]
       }
     ],
     "extractors": {