@apollo/client@3.3.20

Vulnerabilities

1 via 1 paths

Dependencies

19

Source

npm

Find, fix and prevent vulnerabilities in your code.

Severity
  • 1
Status
  • 1
  • 0
  • 0

medium severity

Information Exposure

  • Vulnerable module: @apollo/client
  • Introduced through: @apollo/client@3.3.20

Detailed paths

  • Introduced through: @apollo/client@3.3.20

Overview

@apollo/client is an A fully-featured caching GraphQL client.

Affected versions of this package are vulnerable to Information Exposure. Mutation with secret parameter is attached to cache.ROOT_MUTATION and is therefore leaking.

Remediation

Upgrade @apollo/client to version 3.4.0-rc.2 or higher.

References