Skip to content

Fixes security vulnerability that allowed for server side code to be executed by a <script> tag

Critical
capricorn86 published GHSA-96g7-g7g9-jxw8 Nov 6, 2024

Package

npm happy-dom (npm)

Affected versions

< 15.10.2

Patched versions

>= 15.10.2

Description

Impact

Consumers of the NPM package happy-dom

Patches

The security vulnerability has been patched in v15.10.1

Workarounds

No easy workarounds to my knowledge

References

#1585

Severity

Critical

CVE ID

CVE-2024-51757

Weaknesses

No CWEs

Credits