VYPR

npm package

solid-js

pkg:npm/solid-js

Vulnerabilities (1)

  • CVE-2025-27109HigFeb 21, 2025
    affected < 1.9.4fixed 1.9.4

    solid-js is a declarative, efficient, and flexible JavaScript library for building user interfaces. In affected versions Inserts/JSX expressions inside illegal inlined JSX fragments lacked escaping, allowing user input to be rendered as HTML when put directly inside JSX fragments