GHSA-9W87-4J72-GCV7 Insecure Default Configuration in graphql-code-generator

Versions of graphql-code-generator prior to 0.18.2 have an Insecure Default Configuration. The packages sets NODETLSREJECTUNAUTHORIZED to 0, disabling certificate verification for the entire project. This results in Insecure Communication for the process. Recommendation Upgrade to version 0.18.2 ...

Insecure Default Configuration in graphql-code-generator

Versions of graphql-code-generator prior to 0.18.2 have an Insecure Default Configuration. The packages sets NODETLSREJECTUNAUTHORIZED to 0, disabling certificate verification for the entire project. This results in Insecure Communication for the process. Recommendation Upgrade to version 0.18.2 ...

@absa-subatomic/openshift-api (>=0.0.1 <=0.0.2), @atomist-seeds/empty-sdm (>=1.0.0-atomist-update-branch-master-20190328081334.20190328081445 <=1.0.0-master.20190328082132) +24 more potentially affected by unknown CVE via graphql-code-generator (>=0.10.7 <=0.17.0)

graphql-code-generator NPM version =0.10.7, =0.0.1, =1.0.0-atomist-update-branch-master-20190328081334.20190328081445, =0.3.7, =1.0.2, =1.1.0, =0.1.2, =0.1.0-master.20190213110409, =1.0.3-atomist-update-branch-master-1543218569607.20181126075034, =1.0.0-master.20190215080022, =1.0.0, =0.11.10,...

Insecure Default Configuration

Overview Versions of graphql-code-generator prior to 0.18.2 have an Insecure Default Configuration. The packages sets NODETLSREJECTUNAUTHORIZED to 0, disabling certificate verification for the entire project. This results in Insecure Communication for the process. Recommendation Upgrade to versio...

HackerOne: Leakage badges on disabled user

Indonesia Here ; Hi HackerOne Team, Description: This attack occurs when an attacker uses this graphql code: and this builds the path of the attacker getting disclosure information about how many programs already in the close Resolved from the Public or Disable user. okay now I do not say if the...