Version 18.3.1

react

The library for web and native user interfaces.

Install Instructions

npm install react
Current Version Release Date April 26, 2024
Language JavaScript/TypeScript
Package URL (purl) pkg:npm/react@18.3.1

Find react vulnerabilities in your supply chain.

Scan for Free

react Vulnerabilities

Sort by
icon CVE (Latest)
  • icon CVE (Latest)
  • icon CVE (Oldest)
  • icon CVSS Score (Highest)
  • icon CVSS Score (Lowest)
CVE question mark icon CVSS Score question mark icon CWE(s) question mark icon EPSS Score question mark icon EPSS % question mark icon Impacted Versions
CVE-2018-6341 Medium 6.1 CWE-79 0.00085 0.37764
  • 16.0.0–16.4.1
CVE-2013-7035 Unknown CWE-79 None None
  • 0.5.0–0.5.1

react Vulnerability Remediation Guidance

CVE Description Full list of Impacted Versions Fix
CVE-2018-6341 React applications which rendered to HTML using the ReactDOMServer API were not escaping user-supplied attribute names at render-time. That lack of escaping could lead to a cross-site scripting vulnerability. This issue affected minor releases 16.0.x, 16.1.x, 16.2.x, 16.3.x, and 16.4.x. It was fixed in 16.0.1, 16.1.2, 16.2.1, 16.3.3, and 16.4.2. 16.3.1, 16.4.0, 16.2.0, 16.1.0, 16.1.1, 16.3.0, 16.4.1, 16.3.2 (Show all) Minor → 16.4.0-alpha.3174632
CVE-2013-7035 None 0.5.0, 0.5.1 Patch → 0.5.2

Instantly see if these react vulnerabilities affect your code.

Scan for Free