apollo-link-context@2.0.0-beta.0

Vulnerabilities

1 via 1 paths

Dependencies

20

Source

npm

Find, fix and prevent vulnerabilities in your code.

Severity
  • 1
Status
  • 1
  • 0
  • 0

medium severity
new

Information Exposure

  • Vulnerable module: @apollo/client
  • Introduced through: @apollo/client@3.3.20

Detailed paths

  • Introduced through: apollo-link-context@2.0.0-beta.0 @apollo/client@3.3.20

Overview

@apollo/client is an A fully-featured caching GraphQL client.

Affected versions of this package are vulnerable to Information Exposure. Mutation with secret parameter is attached to cache.ROOT_MUTATION and is therefore leaking.

Remediation

A fix was pushed into the master branch but not yet published.

References