Conversation

chargome

No description provided.

@chargome self-assigned this May 23, 2025
} catch (error) {
return originalRequestHandler(request, initialContext);
}
private _CreateRequestHandler(): (original: typeof reactRouter.createRequestHandler) => any {

Risk: Affected versions of react-router are vulnerable to Insufficient Verification of Data Authenticity. A vulnerability in React Router's Framework mode allows an attacker to spoof pre-rendered loader data by providing a crafted JSON payload via the X-React-Router-Prerender-Data header. This manipulation can poison cached responses and lead to unintended page modifications, including potential XSS attacks.

Fix: Upgrade this library to at least version 7.5.2 at sentry-javascript/yarn.lock:24603.

Reference(s): GHSA-cpj6-fhp6-mr6j, CVE-2025-43865

💬 To ignore this, reply with:
/fp <comment> for false positive
/ar <comment> for acceptable risk
/other <comment> for all other reasons
Alternatively, triage in Semgrep AppSec Platform to ignore the finding created by ssc-beb7e482-8f90-9d54-a2cb-68c86458077b.
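The fix line above points at one resolution in yarn.lock, which is the kind of thing worth re-checking mechanically rather than by eye. As an added example (not code from the Sentry PR, from react-router or from Semgrep), the following Node script parses a yarn.lock v1 file, collects every resolved version of react-router and reports those below the fixed version 7.5.2 named in the advisory. The lockfile text embedded in it is constructed for illustration; the parser handles only the v1 block format and versions of the form major.minor.patch with an optional prerelease suffix.

```javascript
// Added example: find react-router resolutions in a yarn.lock (v1) that are below
// the fixed version from the advisory. Not part of the Sentry PR or Semgrep tooling.

// Constructed sample lockfile (not a real sentry-javascript yarn.lock).
const SAMPLE_YARN_LOCK = `# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
# yarn lockfile v1


"react-router@^7.5.0", "react-router@~7.5.1":
  version "7.5.1"
  resolved "https://registry.yarnpkg.com/react-router/-/react-router-7.5.1.tgz"
  integrity sha512-constructed

react-router@^7.6.0:
  version "7.6.2"
  resolved "https://registry.yarnpkg.com/react-router/-/react-router-7.6.2.tgz"
  integrity sha512-constructed

react-router-dom@^7.5.0:
  version "7.5.1"
  resolved "https://registry.yarnpkg.com/react-router-dom/-/react-router-dom-7.5.1.tgz"
  integrity sha512-constructed
`;

// Parse "major.minor.patch[-prerelease]"; build metadata after "+" is ignored.
function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)(?:-([0-9A-Za-z.-]+))?/.exec(v);
  if (!m) throw new Error(`unparseable version: ${v}`);
  return { core: [Number(m[1]), Number(m[2]), Number(m[3])], pre: m[4] || null };
}

// Returns -1, 0 or 1. A prerelease sorts below the release with the same core.
function compareVersions(a, b) {
  const pa = parseVersion(a);
  const pb = parseVersion(b);
  for (let i = 0; i < 3; i++) {
    if (pa.core[i] !== pb.core[i]) return pa.core[i] < pb.core[i] ? -1 : 1;
  }
  if (pa.pre === pb.pre) return 0;
  if (pa.pre === null) return 1;
  if (pb.pre === null) return -1;
  return pa.pre < pb.pre ? -1 : 1; // lexical fallback is sufficient for this check
}

// Minimal yarn.lock v1 reader: an unindented line ending in ":" opens an entry and
// lists one or more "name@range" descriptors; the indented `version "x.y.z"` line
// gives the resolution. Line numbers are 1-based, like the finding above.
function parseYarnLockV1(text) {
  const entries = [];
  let current = null;
  text.split('\n').forEach((line, idx) => {
    if (line.startsWith('#') || line.trim() === '') return;
    if (!line.startsWith(' ')) {
      const header = line.replace(/:\s*$/, '');
      const names = header.split(',').map(d => {
        const desc = d.trim().replace(/^"|"$/g, '');
        // Scoped packages begin with "@", so split on the last "@" only.
        return desc.slice(0, desc.lastIndexOf('@'));
      });
      current = { names: [...new Set(names)], version: null, line: null };
      entries.push(current);
      return;
    }
    const vm = /^\s+version\s+"([^"]+)"/.exec(line);
    if (vm && current) {
      current.version = vm[1];
      current.line = idx + 1;
    }
  });
  return entries.filter(e => e.version !== null);
}

// Report every resolution of `pkg` whose version is older than `fixedVersion`.
function findVulnerable(lockText, pkg, fixedVersion) {
  return parseYarnLockV1(lockText)
    .filter(e => e.names.includes(pkg) && compareVersions(e.version, fixedVersion) < 0)
    .map(e => ({ package: pkg, version: e.version, line: e.line, fixedIn: fixedVersion }));
}

// Stand-alone run against the constructed sample; replace SAMPLE_YARN_LOCK with
// fs.readFileSync('yarn.lock', 'utf8') to scan a real lockfile.
console.log(JSON.stringify(findVulnerable(SAMPLE_YARN_LOCK, 'react-router', '7.5.2'), null, 2));
```

On the constructed sample this reports the single 7.5.1 resolution at the line of its `version` field and passes over the 7.6.2 entry; react-router-dom is parsed but not reported because only the package named in the advisory is queried. The same function can be run after the upgrade to confirm that no resolution below 7.5.2 remains.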

return function sentryWrappedCreateRequestHandler(this: unknown, ...args: unknown[]) {
// eslint-disable-next-line @typescript-eslint/ban-ts-comment
// @ts-ignore not sure why original isn't found here?
const originalRequestHandler = (original as typeof reactRouter.createRequestHandler).apply(this, args);

