![[@sveltejs/kit] Memory exhaustion in SvelteKit remote form deserialization (experimental only)](/assets/images/github_com_1771583664025.png)
Security Advisories์ถ์ฒ: GitHub Security Advisories์กฐํ์ 6
[@sveltejs/kit] Memory exhaustion in SvelteKit remote form deserialization (experimental only)
By GitHub2026๋
2์ 20์ผ
**[@sveltejs/kit] Memory exhaustion in SvelteKit remote form deserialization (experimental only)**
Versions of @sveltejs/kit prior to 2.52.2 with remote functions enabled can be vulnerable to memory exhaustion. Malformed form data can cause the server process to crash due to excessive memory allocation, resulting in denial of service. Only applications using both experimental.remoteFunctions and form are vulnerable. References https://github.com/sveltejs/kit/security/advisories/GHSA-vrhm-gvg7-fpcf https://github.com/sveltejs/kit/commit/f47c01bd8100328c24fdb8522fe35913b0735f35 https://github.com/sveltejs/kit/releases/tag/@sveltejs/kit@2.52.2 https://github.com/advisories/GHSA-vrhm-gvg7-fpcf
---
**[devsupporter ํด์ค]**
์ด ๊ธฐ์ฌ๋ GitHub Security Advisories์์ ์ ๊ณตํ๋ ์ต์ ๊ฐ๋ฐ ๋ํฅ์ ๋๋ค. ๊ด๋ จ ๋๊ตฌ๋ ๊ธฐ์ ์ ๋ํด ๋ ์์๋ณด์๋ ค๋ฉด ์๋ณธ ๋งํฌ๋ฅผ ์ฐธ๊ณ ํ์ธ์.
Versions of @sveltejs/kit prior to 2.52.2 with remote functions enabled can be vulnerable to memory exhaustion. Malformed form data can cause the server process to crash due to excessive memory allocation, resulting in denial of service. Only applications using both experimental.remoteFunctions and form are vulnerable. References https://github.com/sveltejs/kit/security/advisories/GHSA-vrhm-gvg7-fpcf https://github.com/sveltejs/kit/commit/f47c01bd8100328c24fdb8522fe35913b0735f35 https://github.com/sveltejs/kit/releases/tag/@sveltejs/kit@2.52.2 https://github.com/advisories/GHSA-vrhm-gvg7-fpcf
---
**[devsupporter ํด์ค]**
์ด ๊ธฐ์ฌ๋ GitHub Security Advisories์์ ์ ๊ณตํ๋ ์ต์ ๊ฐ๋ฐ ๋ํฅ์ ๋๋ค. ๊ด๋ จ ๋๊ตฌ๋ ๊ธฐ์ ์ ๋ํด ๋ ์์๋ณด์๋ ค๋ฉด ์๋ณธ ๋งํฌ๋ฅผ ์ฐธ๊ณ ํ์ธ์.