6 matches found
CVE-2023-22491
Gatsby is a free and open source framework based on React that helps developers build websites and apps. The gatsby-transformer-remark plugin prior to versions 5.25.1 and 6.3.2 passes input through to the gray-matter npm package, which is vulnerable to JavaScript injection in its default...
CVE-2023-22491 gatsby-transformer-remark vulnerable to unsanitized JavaScript code injection
Gatsby is a free and open source framework based on React that helps developers build websites and apps. The gatsby-transformer-remark plugin prior to versions 5.25.1 and 6.3.2 passes input through to the gray-matter npm package, which is vulnerable to JavaScript injection in its default...
CVE-2023-22491 gatsby-transformer-remark vulnerable to unsanitized JavaScript code injection
Gatsby is a free and open source framework based on React that helps developers build websites and apps. The gatsby-transformer-remark plugin prior to versions 5.25.1 and 6.3.2 passes input through to the gray-matter npm package, which is vulnerable to JavaScript injection in its default...
CVE-2023-22491
The CVE-2023-22491 entry concerns the Gatsby gatsby-transformer-remark plugin, affected in versions prior to 5.25.1 and 6.3.2. The vulnerability arises when the plugin passes input to gray-matter in data mode, allowing JavaScript injection in its default configuration if input is not sanitized; i...
10secondsofcode-custom (=1.0.0), 1kohei1 (>=1.0.0 <=1.0.1) +442 more potentially affected by CVE-2023-22491 via gatsby-transformer-remark (>=1.7.37 <=5.23.1)
gatsby-transformer-remark NPM version =1.7.37, =1.0.0, =1.0.0, =3.0.0, =1.0.0, =0.1.1, =0.1.0, =1.0.0, =0.13.2, =4.0.0-4.0.0-alpha.3.0, =0.1.0, =1.1.18-beta.1 and more Source cves: CVE-2023-22491 Source advisory: OSV:GHSA-7CH4-RR99-CQCW...
@adobe/gatsby-theme-aio (=5.0.0-rc2), @boomerang-io/gatsby-theme-boomerang (>=1.5.0 <=1.6.9) +22 more potentially affected by CVE-2023-22491 via gatsby-transformer-remark (>=6.0.0 <=6.16.0)
gatsby-transformer-remark NPM version =6.0.0, =1.5.0, =1.0.42, =0.3.0, =0.0.18, =1.0.1, =1.0.0, =1.0.0, =1.0.7, =1.0.0, =1.0.2, =0.1.0, =0.1.0, =1.0.0, =4.5.0 and more Source cves: CVE-2023-22491 Source advisory: OSV:GHSA-7CH4-RR99-CQCW...