type-graphql@0.17.4 vulnerabilities

Create GraphQL schema and resolvers with TypeScript, using classes and decorators!

Direct Vulnerabilities

Known vulnerabilities in the type-graphql package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • L
Information Exposure

type-graphql is a package to create GraphQL schema and resolvers with TypeScript, using classes and decorators!

Affected versions of this package are vulnerable to Information Exposure. The package leaks the resolver source code in an error message. It is possible to force this error when no subscription topics are provided in the request.

How to fix Information Exposure?

Upgrade type-graphql to version 0.17.6 or higher.

<0.17.6