Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 5:52 a.m.5 views

CVE-2023-22491

Gatsby is a free and open source framework based on React that helps developers build websites and apps. The gatsby-transformer-remark plugin prior to versions 5.25.1 and 6.3.2 passes input through to the gray-matter npm package, which is vulnerable to JavaScript injection in its default...

8.1CVSS7.1AI score0.00613EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/01/13 6:5 p.m.8 views

CVE-2023-22491 gatsby-transformer-remark vulnerable to unsanitized JavaScript code injection

Gatsby is a free and open source framework based on React that helps developers build websites and apps. The gatsby-transformer-remark plugin prior to versions 5.25.1 and 6.3.2 passes input through to the gray-matter npm package, which is vulnerable to JavaScript injection in its default...

8.1CVSS8.2AI score0.00613EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/01/13 6:5 p.m.23 views

CVE-2023-22491 gatsby-transformer-remark vulnerable to unsanitized JavaScript code injection

Gatsby is a free and open source framework based on React that helps developers build websites and apps. The gatsby-transformer-remark plugin prior to versions 5.25.1 and 6.3.2 passes input through to the gray-matter npm package, which is vulnerable to JavaScript injection in its default...

8.1CVSS8.4AI score0.00613EPSS
Exploits1References1
CVE
CVE
added 2023/01/13 6:5 p.m.324 views

CVE-2023-22491

The CVE-2023-22491 entry concerns the Gatsby gatsby-transformer-remark plugin, affected in versions prior to 5.25.1 and 6.3.2. The vulnerability arises when the plugin passes input to gray-matter in data mode, allowing JavaScript injection in its default configuration if input is not sanitized; i...

8.1CVSS6.4AI score0.00613EPSS
Exploits1References1Affected Software1
vulnersOsv
vulnersOsv
added 2023/01/11 6:27 p.m.4 views

10secondsofcode-custom (=1.0.0), 1kohei1 (>=1.0.0 <=1.0.1) +442 more potentially affected by CVE-2023-22491 via gatsby-transformer-remark (>=1.7.37 <=5.23.1)

gatsby-transformer-remark NPM version =1.7.37, =1.0.0, =1.0.0, =3.0.0, =1.0.0, =0.1.1, =0.1.0, =1.0.0, =0.13.2, =4.0.0-4.0.0-alpha.3.0, =0.1.0, =1.1.18-beta.1 and more Source cves: CVE-2023-22491 Source advisory: OSV:GHSA-7CH4-RR99-CQCW...

8.1CVSS6.5AI score0.00613EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2023/01/11 6:27 p.m.5 views

@adobe/gatsby-theme-aio (=5.0.0-rc2), @boomerang-io/gatsby-theme-boomerang (>=1.5.0 <=1.6.9) +22 more potentially affected by CVE-2023-22491 via gatsby-transformer-remark (>=6.0.0 <=6.16.0)

gatsby-transformer-remark NPM version =6.0.0, =1.5.0, =1.0.42, =0.3.0, =0.0.18, =1.0.1, =1.0.0, =1.0.0, =1.0.7, =1.0.0, =1.0.2, =0.1.0, =0.1.0, =1.0.0, =4.5.0 and more Source cves: CVE-2023-22491 Source advisory: OSV:GHSA-7CH4-RR99-CQCW...

8.1CVSS6.6AI score0.00613EPSS
Exploits1
Rows per page
Query Builder