GHSA-hgv7-v322-mmgrMediumDisclosed before NVD
@sveltejs/kit: `query.batch` cross-talk
📋 Description
`query.batch()` could, under very rare and specific timings, cause concurrent requests from different users to merge and resolve under single request context, enabling cross-user data disclosure.
🎯 Affected products1
- npm/@sveltejs/kit:>= 2.38.0, <= 2.60.0