Skip to content

Security vulnerability: webpack-dev-server < 5.2.1 allows potential source code exposure in non-Chromium browsers #58

New issue
New issue
Open
Open
Security vulnerability: webpack-dev-server < 5.2.1 allows potential source code exposure in non-Chromium browsers#58
@deekshith1856

Description

@deekshith1856
deekshith1856
opened on Nov 7, 2025

Airtable Webpack bundler is currently using webpack-dev-server version 4.0.0, which is affected by a known security vulnerability.

Vulnerability details:

Package: webpack-dev-server

Affected versions: < 5.2.1

Current version in use: 4.0.0

Vulnerability: Users’ source code may be exposed to theft when accessing a malicious website using a non-Chromium-based browser.

Fixed in: 5.2.1

Reference:
GitHub Security Advisory

Suggested fix:
Upgrade webpack-dev-server to version 5.2.1 or later to address the vulnerability.

Impact:
Developers using the Airtable webpack bundler may have their source code exposed if they access malicious websites using non-Chromium browsers during development.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions