CVE-2024-24558

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-24558

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-24558.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-24558

Aliases

GHSA-997g-27x8-43rf

Related

GHSA-997g-27x8-43rf

Published

2024-01-30T20:15:45Z

Modified

2025-01-15T05:08:38.041527Z

Severity

6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

TanStack Query supplies asynchronous state management, server-state utilities and data fetching for the web. The @tanstack/react-query-next-experimental NPM package is vulnerable to a cross-site scripting vulnerability. To exploit this, an attacker would need to either inject malicious input or arrange to have malicious input be returned from an endpoint. To fix this issue, please update to version 5.18.0 or later.

References

Affected packages

Git / github.com/tanstack/query

Affected ranges

Type: GIT
Repo: https://github.com/tanstack/query
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

f2ddaf2536e8b71d2da88a9310ac9a48c13512a1

Fixed

f2ddaf2536e8b71d2da88a9310ac9a48c13512a1

Affected versions

5.*

5.8.2

v0.*

v0.0.11

v0.0.13

v0.0.14

v0.0.15

v0.0.16

v0.0.17

v0.0.3

v0.0.4

v0.0.5

v0.0.6

v0.0.8

v0.0.9

v0.1.0

v0.1.1-alpha.0

v0.2.0

v0.2.1

v0.3.0

v0.3.1-alpha.1

v0.3.11

v0.3.13

v0.3.19

v0.3.20

v0.3.23

v0.3.25

v0.3.26

v0.3.27-test.0

v0.3.4

v0.3.6

v0.4.1

v0.4.3

v1.*

v1.0.11

v1.0.18

v1.0.19

v1.0.20

v1.0.24

v1.0.26

v1.0.28

v1.0.29

v1.0.3

v1.0.30

v1.0.31

v1.0.33

v1.0.35

v1.0.36

v1.0.4

v1.0.9

v1.1.3

v1.1.5

v1.2.0

v1.2.1

v1.2.4

v1.2.8

v1.3.1

v1.3.2

v1.3.3

v1.3.4

v1.3.5

v1.3.6

v1.4.0

v1.4.1

v1.4.2

v1.4.3

v1.4.4

v1.5.0

v1.5.1

v1.5.2

v1.5.3

v1.5.4

v1.5.5

v1.5.6

v1.5.7

v1.5.8

v1.5.9

v2.*

v2.0.0

v2.0.1

v2.0.2

v2.0.3

v2.0.4

v2.1.0

v2.1.1

v2.10.0

v2.10.1

v2.11.0

v2.11.1

v2.12.0

v2.12.1

v2.13.0

v2.13.1

v2.14.0

v2.14.1

v2.15.0

v2.15.1

v2.15.2

v2.15.3

v2.15.4

v2.16.0

v2.16.1

v2.17.0

v2.17.1

v2.17.2

v2.18.0

v2.19.0

v2.2.0

v2.2.1

v2.2.2

v2.2.3

v2.20.0

v2.20.1

v2.21.0

v2.21.1

v2.21.2

v2.22.0

v2.22.1

v2.22.2

v2.23.0

v2.23.1

v2.25.1

v2.25.2

v2.26.0

v2.26.1

v2.26.2

v2.26.3

v2.26.4

v2.3.0

v2.4.0

v2.4.1

v2.4.10

v2.4.11

v2.4.12

v2.4.13

v2.4.14

v2.4.15

v2.4.16

v2.4.17

v2.4.18

v2.4.19

v2.4.2

v2.4.20

v2.4.21

v2.4.3

v2.4.4

v2.4.5

v2.4.6

v2.4.7

v2.4.8

v2.4.9

v2.5.10

v2.5.11

v2.5.12

v2.5.13

v2.5.14

v2.5.3

v2.5.4

v2.5.5

v2.5.6

v2.5.7

v2.5.8

v2.5.9

v2.6.0

v2.7.0

v2.7.1

v2.8.0

v2.9.0

v3.*

v3.10.0

v3.11.0

v3.12.0

v3.12.1

v3.12.2

v3.12.3

v3.13.0

v3.13.1

v3.13.10

v3.13.11

v3.13.12

v3.13.2

v3.13.3

v3.13.4

v3.13.5

v3.13.6

v3.13.7

v3.13.8

v3.13.9

v3.14.0

v3.15.0

v3.15.1

v3.15.2

v3.15.3

v3.16.0

v3.16.1

v3.17.0

v3.17.1

v3.17.2

v3.17.3

v3.18.0

v3.18.1

v3.19.0

v3.19.1

v3.19.2

v3.19.3

v3.19.4

v3.19.5

v3.19.6

v3.2.0

v3.20.0

v3.21.0

v3.21.1

v3.22.0

v3.23.0

v3.23.1

v3.23.2

v3.24.0

v3.24.1

v3.24.2

v3.24.3

v3.24.4

v3.24.5

v3.24.6

v3.25.0

v3.25.1

v3.26.0

v3.27.0

v3.28.0

v3.29.0

v3.29.1

v3.3.0

v3.3.1

v3.3.2

v3.3.3

v3.3.4

v3.3.5

v3.30.0

v3.31.0

v3.32.0

v3.32.1

v3.32.2

v3.32.3

v3.33.0

v3.33.1

v3.33.2

v3.33.3

v3.33.4

v3.33.5

v3.33.6

v3.33.7

v3.34.0

v3.34.1

v3.34.10

v3.34.11

v3.34.12

v3.34.13

v3.34.14

v3.34.15

v3.34.16

v3.34.17

v3.34.18

v3.34.19

v3.34.2

v3.34.20

v3.34.3

v3.34.4

v3.34.5

v3.34.6

v3.34.7

v3.34.8

v3.34.9

v3.35.0

v3.36.0

v3.37.0

v3.38.0

v3.38.1

v3.39.0

v3.39.1

v3.39.2

v3.4.0

v3.4.1

v3.5.0

v3.5.1

v3.5.10

v3.5.11

v3.5.12

v3.5.13

v3.5.14

v3.5.15

v3.5.16

v3.5.2

v3.5.3

v3.5.4

v3.5.5

v3.5.6

v3.5.7

v3.5.8

v3.5.9

v3.6.0

v3.6.1

v3.7.0

v3.7.1

v3.8.0

v3.8.1

v3.8.2

v3.8.3

v3.9.0

v3.9.1

v3.9.2

v3.9.3

v3.9.4

v3.9.5

v3.9.6

v3.9.7

v3.9.8

v3.9.9

v4.*

v4.0.0

v4.0.1

v4.0.10

v4.0.2

v4.0.3

v4.0.4

v4.0.5

v4.0.6

v4.0.7

v4.0.8

v4.0.9

v4.1.0

v4.1.1

v4.1.2

v4.1.3

v4.1.4

v4.10.0

v4.10.1

v4.10.2

v4.10.3

v4.10.4

v4.11.0

v4.11.1

v4.12.0

v4.13.0

v4.13.1

v4.13.2

v4.13.3

v4.13.4

v4.13.5

v4.13.6

v4.13.7

v4.14.0

v4.14.1

v4.14.2

v4.14.3

v4.14.4

v4.14.5

v4.14.6

v4.14.7

v4.14.8

v4.15.0

v4.15.1

v4.16.0

v4.16.1

v4.17.0

v4.17.1

v4.18.0

v4.18.1

v4.19.0

v4.19.1

v4.2.0

v4.2.1

v4.2.2

v4.2.3

v4.20.0

v4.20.1

v4.20.10

v4.20.2

v4.20.3

v4.20.4

v4.20.5

v4.20.6

v4.20.7

v4.20.8

v4.20.9

v4.21.0

v4.22.0

v4.22.1

v4.22.2

v4.22.3

v4.22.4

v4.23.0

v4.24.0

v4.24.1

v4.24.10

v4.24.11

v4.24.12

v4.24.13

v4.24.14

v4.24.2

v4.24.3

v4.24.4

v4.24.5

v4.24.6

v4.24.7

v4.24.8

v4.24.9

v4.25.0

v4.26.0

v4.26.1

v4.26.2

v4.27.0

v4.27.1

v4.28.0

v4.28.1

v4.29.0

v4.29.1

v4.29.10

v4.29.11

v4.29.12

v4.29.13

v4.29.14

v4.29.15

v4.29.16

v4.29.17

v4.29.18

v4.29.19

v4.29.2

v4.29.20

v4.29.21

v4.29.22

v4.29.23

v4.29.24

v4.29.25

v4.29.3

v4.29.4

v4.29.5

v4.29.6

v4.29.7

v4.29.8

v4.29.9

v4.3.0

v4.3.1

v4.3.2

v4.3.3

v4.3.4

v4.3.5

v4.3.6

v4.3.7

v4.3.8

v4.3.9

v4.30.0

v4.31.0

v4.32.0

v4.32.1

v4.32.2

v4.32.3

v4.32.4

v4.32.5

v4.32.6

v4.33.0

v4.33.1

v4.34.0

v4.34.1

v4.34.2

v4.34.3

v4.34.4

v4.35.0

v4.35.1

v4.35.2

v4.35.3

v4.35.4

v4.35.5

v4.35.6

v4.35.7

v4.36.0

v4.36.1

v4.36.2

v4.37.0

v4.4.0

v4.5.0

v4.6.0

v4.6.1

v4.7.0

v4.7.1

v4.7.2

v4.8.0

v4.9.0

v5.*

v5.0.0

v5.0.0-beta.0

v5.0.0-beta.1

v5.0.0-beta.10

v5.0.0-beta.11

v5.0.0-beta.12

v5.0.0-beta.13

v5.0.0-beta.14

v5.0.0-beta.15

v5.0.0-beta.16

v5.0.0-beta.17

v5.0.0-beta.18

v5.0.0-beta.19

v5.0.0-beta.2

v5.0.0-beta.20

v5.0.0-beta.21

v5.0.0-beta.22

v5.0.0-beta.23

v5.0.0-beta.24

v5.0.0-beta.25

v5.0.0-beta.26

v5.0.0-beta.27

v5.0.0-beta.28

v5.0.0-beta.29

v5.0.0-beta.3

v5.0.0-beta.30

v5.0.0-beta.31

v5.0.0-beta.32

v5.0.0-beta.33

v5.0.0-beta.34

v5.0.0-beta.35

v5.0.0-beta.36

v5.0.0-beta.37

v5.0.0-beta.4

v5.0.0-beta.5

v5.0.0-beta.6

v5.0.0-beta.7

v5.0.0-beta.8

v5.0.0-beta.9

v5.0.0-rc.1

v5.0.0-rc.10

v5.0.0-rc.11

v5.0.0-rc.12

v5.0.0-rc.13

v5.0.0-rc.14

v5.0.0-rc.15

v5.0.0-rc.16

v5.0.0-rc.2

v5.0.0-rc.3

v5.0.0-rc.4

v5.0.0-rc.5

v5.0.0-rc.6

v5.0.0-rc.7

v5.0.0-rc.8

v5.0.0-rc.9

v5.0.1

v5.0.2

v5.0.3

v5.0.4

v5.0.5

v5.1.0

v5.10.0

v5.11.0

v5.12.0

v5.12.1

v5.12.2

v5.13.0

v5.13.1

v5.13.2

v5.13.3

v5.13.4

v5.13.5

v5.14.0

v5.14.1

v5.14.2

v5.14.3

v5.14.4

v5.14.5

v5.14.6

v5.14.7

v5.15.0

v5.15.1

v5.15.2

v5.15.3

v5.15.4

v5.15.5

v5.16.0

v5.16.1

v5.17.0

v5.17.1

v5.17.10

v5.17.11

v5.17.12

v5.17.13

v5.17.14

v5.17.15

v5.17.16

v5.17.17

v5.17.18

v5.17.19

v5.17.2

v5.17.20

v5.17.21

v5.17.22

v5.17.3

v5.17.4

v5.17.5

v5.17.6

v5.17.7

v5.17.8

v5.17.9

v5.2.0

v5.2.1

v5.3.0

v5.4.0

v5.4.1

v5.4.2

v5.4.3

v5.5.0

v5.6.0

v5.6.1

v5.7.0

v5.7.1

v5.7.2

v5.7.3

v5.7.4

v5.8.0

v5.8.1

v5.8.2

v5.8.3

v5.8.4

v5.8.5

v5.8.6

v5.8.7

v5.8.8

v5.8.9

v5.9.0