← Back

Loader Utils

loader-utils

Vendor: Webpack.js • 3 CVEs

CVEs (3)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2022-37603
1Webpack.js
1Loader Utils
May 15, 2025
Oct 14, 2022
N/A· v4
7.5 HIGH· v3
N/A· v2
A Regular expression denial of service (ReDoS) flaw was found in Function interpolateName in interpolateName.js in webpack loader-utils 2.0.0 via the url variable in interpolateName.js.
CVE-2022-37601
2Debian
Webpack.js
2Debian Linux
Loader Utils
Nov 21, 2024
Oct 12, 2022
N/A· v4
9.8 CRITICAL· v3
N/A· v2
Prototype pollution vulnerability in function parseQuery in parseQuery.js in webpack loader-utils via the name variable in parseQuery.js. This affects all versions prior to 1.4.1 and 2.0.3.
CVE-2022-37599
1Webpack.js
1Loader Utils
Nov 4, 2025
Oct 11, 2022
N/A· v4
7.5 HIGH· v3
N/A· v2
A Regular expression denial of service (ReDoS) flaw was found in Function interpolateName in interpolateName.js in webpack loader-utils 2.0.0 via the resourcePath variable in interpolateName.js.