npm package
@graphql-tools/git-loader
pkg:npm/%40graphql-tools/git-loader
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-23326 | — | < 6.2.6 | 6.2.6 | Jan 20, 2021 | This affects the package @graphql-tools/git-loader before 6.2.6. The use of exec and execSync in packages/loaders/git/src/load-git.ts allows arbitrary command injection. |
- CVE-2021-23326Jan 20, 2021affected < 6.2.6fixed 6.2.6
This affects the package @graphql-tools/git-loader before 6.2.6. The use of exec and execSync in packages/loaders/git/src/load-git.ts allows arbitrary command injection.