webpack security advisories | npmjs.org

Top 0.1% on npmjs.org
Top 0.1% downloads on npmjs.org
Top 0.1% dependent packages on npmjs.org
Top 0.4% dependent repos on npmjs.org
Top 0.4% forks on npmjs.org
Top 0.1% docker downloads on npmjs.org

npmjs.org : webpack

Packs ECMAScript/CommonJs/AMD modules for the browser. Allows you to split your codebase into multiple bundles, which can be loaded on demand. Supports loaders to preprocess files, i.e. json, jsx, es7, css, less, ... and your custom stuff.

Registry - Source - JSON
purl: pkg:npm/webpack
Keywords: amd , build-tool , commonjs , compiler , es2015 , es6 , esm , javascript , javascript-compiler , javascript-modules , loaders , module-bundler , plugins , web , web-performance , webpack
License: MIT
Latest release: 5 days ago
First release: over 13 years ago
Dependent packages: 216,244
Dependent repositories: 3,177
Downloads: 140,228,802 last month
Stars: 65,665 on GitHub
Forks: 9,143 on GitHub
Docker dependents: 26,816
Docker downloads: 7,646,895,114
Total Commits: 12493
Committers: 934
Average commits per author: 13.376
Development Distribution Score (DDS): 0.559
More commit stats: commits.ecosyste.ms
See more repository details: repos.ecosyste.ms
Funding links: https://opencollective.com/webpack
Last synced: about 19 hours ago

Moderate

GSA_kwCzR0hTQS00dnZqLTRjcHItcDk4Ns4AA--k

Webpack's AutoPublicPathRuntimeModule has a DOM Clobbering Gadget that leads to XSS
Ecosystems: npm
Packages: webpack
Source: github
Published: about 1 year ago

Critical

GSA_kwCzR0hTQS1oYzZxLTJtcHAtcXc3as4AAyD3

Cross-realm object access in Webpack 5
Ecosystems: npm
Packages: webpack
Source: github
Published: over 2 years ago

ecosyste.ms

Data

Tools

Indexes

Applications

Experiments

Packages

npmjs.org : webpack

GSA_kwCzR0hTQS00dnZqLTRjcHItcDk4Ns4AA--k

GSA_kwCzR0hTQS1oYzZxLTJtcHAtcXc3as4AAyD3