CVEs affecting the Svelte ecosystem
Time to upgrade
We’ve released patches for 5 vulnerabilities across devalue
, svelte
, @sveltejs/kit
, and @sveltejs/adapter-node
. Here’s what you need to know:
Upgrade now
If you’re using any of these packages, upgrade them to their corresponding non-vulnerable versions:
devalue
:5.6.2
svelte
:5.46.4
@sveltejs/kit
:2.49.5
@sveltejs/adapter-node
:5.5.1
For cros...
