Gatsby Security Vulnerabilities and Issues — Gatsby CVE List

Lucene search

GatsbyjsGatsby

3 matches found

CVE•added 2023/01/13 7:15 p.m.•144 views

CVE-2023-22491

Gatsby is a free and open source framework based on React that helps developers build websites and apps. The gatsby-transformer-remark plugin prior to versions 5.25.1 and 6.3.2 passes input through to the gray-matter npm package, which is vulnerable to JavaScript injection in its default configurat...

8.1CVSS6.4AI score0.00136EPSS

CVE•added 2023/06/08 12:15 a.m.•41 views

CVE-2023-34238

Gatsby is a free and open source framework based on React. The Gatsby framework prior to versions 4.25.7 and 5.9.1 contain a Local File Inclusion vulnerability in the __file-code-frame and __original-stack-frame paths, exposed when running the Gatsby develop server (gatsby develop). Any file in sco...

5.3CVSS4.8AI score0.00451EPSS

CVE•added 2023/04/17 9:15 p.m.•35 views

CVE-2023-30548

gatsby-plugin-sharp is a plugin for the gatsby framework which exposes functions built on the Sharp image processing library. The gatsby-plugin-sharp plugin prior to versions 5.8.1 and 4.25.1 contains a path traversal vulnerability exposed when running the Gatsby develop server (gatsby develop). It...

4.3CVSS4.4AI score0.01854EPSS