npm package
gatsby-transformer-remark
pkg:npm/gatsby-transformer-remark
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-22491 | — | >= 6.0.0, < 6.3.2 | 6.3.2 | Jan 13, 2023 | Gatsby is a free and open source framework based on React that helps developers build websites and apps. The gatsby-transformer-remark plugin prior to versions 5.25.1 and 6.3.2 passes input through to the `gray-matter` npm package, which is vulnerable to JavaScript injection in i |
- CVE-2023-22491Jan 13, 2023affected >= 6.0.0, < 6.3.2fixed 6.3.2
Gatsby is a free and open source framework based on React that helps developers build websites and apps. The gatsby-transformer-remark plugin prior to versions 5.25.1 and 6.3.2 passes input through to the `gray-matter` npm package, which is vulnerable to JavaScript injection in i