npm package
@sveltejs/adapter-node
pkg:npm/%40sveltejs/adapter-node
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-67647 | — | >= 5.4.1, < 5.5.1 | 5.5.1 | Jan 15, 2026 | SvelteKit is a framework for rapidly developing robust, performant web applications using Svelte. Prior to 2.49.5, SvelteKit is vulnerable to a server side request forgery (SSRF) and denial of service (DoS) under certain conditions. From 2.44.0 through 2.49.4, the vulnerability r | ||
| CVE-2024-23641 | — | >= 2.0.0, < 2.1.2 | 2.1.2 | Jan 24, 2024 | SvelteKit is a web development kit. In SvelteKit 2, sending a GET request with a body eg `{}` to a built and previewed/hosted sveltekit app throws `Request with GET/HEAD method cannot have body.` and crashes the preview/hosting. After this happens, one must manually restart the a |
- CVE-2025-67647Jan 15, 2026affected >= 5.4.1, < 5.5.1fixed 5.5.1
SvelteKit is a framework for rapidly developing robust, performant web applications using Svelte. Prior to 2.49.5, SvelteKit is vulnerable to a server side request forgery (SSRF) and denial of service (DoS) under certain conditions. From 2.44.0 through 2.49.4, the vulnerability r
- CVE-2024-23641Jan 24, 2024affected >= 2.0.0, < 2.1.2fixed 2.1.2
SvelteKit is a web development kit. In SvelteKit 2, sending a GET request with a body eg `{}` to a built and previewed/hosted sveltekit app throws `Request with GET/HEAD method cannot have body.` and crashes the preview/hosting. After this happens, one must manually restart the a