Versions of type-graphql prior to 0.17.6 are vulnerable to Information Exposure. The package leaks the resolver source code in an error message. It is possible to force this error when no subscription topics are provided in the request.
type-graphql
Upgrade to version 0.17.6 or later.
Versions of
type-graphqlprior to 0.17.6 are vulnerable to Information Exposure. The package leaks the resolver source code in an error message. It is possible to force this error when no subscription topics are provided in the request.Recommendation
Upgrade to version 0.17.6 or later.
References