Every CVE whose affected-product data names Gatsbyjs Gatsby, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2022-25863 — CVSS 8.1 (high): The package gatsby-plugin-mdx before 2.14.1, from 3.0.0 and before 3.15.2 are vulnerable to Deserialization of Untrusted Data when passing…
CVE-2023-22491 — CVSS 8.1 (high): Gatsby is a free and open source framework based on React that helps developers build websites and apps. The gatsby-transformer-remark…
CVE-2023-30548 — CVSS 4.3 (medium): gatsby-plugin-sharp is a plugin for the gatsby framework which exposes functions built on the Sharp image processing library. The…
CVE-2023-34238 — CVSS 4.3 (medium): Gatsby is a free and open source framework based on React. The Gatsby framework prior to versions 4.25.7 and 5.9.1 contain a Local File…