Information Disclosure

apollo-server-micro is vulnerable to information disclosure. The vulnerability exists as ApolloServer incorrectly drops the values of this.requestOptions.validationRules when creating a SubscriptionServer...

codelift (>=1.0.1 <=1.0.15-canary.394.652cc97.0), graphql-server-micro (>=1.0.2 <=1.4.1) +8 more potentially affected by unknown CVE via apollo-server-micro (>=1.4.0 <=2.14.1)

apollo-server-micro NPM version =1.4.0, =1.0.1, =1.0.2, =1.0.0, =1.0.0, =2.0.0, =1.5.8, =0.1.0, =0.1.0, =1.0.0-rc.3, =1.0.0-rc.5 Source cves: unknown CVE Source advisory: OSV:GHSA-W42G-7VFC-XF37...