Homepage

docusaurus-plugin-content-gists@0.1.1 vulnerabilities

Display gists from GitHub as content in Docusaurus

  • latest version

    4.0.0

  • latest non vulnerable version

    4.0.0

  • first published

    3 years ago

  • latest version published

    1 months ago

  • licenses detected

  • View docusaurus-plugin-content-gists package health on Snyk Advisor  (opens in a new tab)
    • Go back to all versions of this package
    Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the docusaurus-plugin-content-gists package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • M
    Information Exposure

    docusaurus-plugin-content-gists is a Display gists from GitHub as content in Docusaurus

    Affected versions of this package are vulnerable to Information Exposure via the personalAccessToken configuration option. An attacker can gain unauthorized access to sensitive GitHub resources by extracting the token from client-side JavaScript bundles included in production builds.

    How to fix Information Exposure?

    Upgrade docusaurus-plugin-content-gists to version 4.0.0 or higher.

    <4.0.0
    Go back to all versions of this package