Vulnerabilities > Keystonejs > Keystone > 3.0.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-15 | CVE-2023-40027 | Missing Authorization vulnerability in Keystonejs Keystone Keystone is an open source headless CMS for Node.js — built with GraphQL and React. | 5.3 |
| 2023-06-13 | CVE-2023-34247 | Open Redirect vulnerability in Keystonejs Keystone Keystone is a content management system for Node.JS. | 4.1 |
| 2022-11-03 | CVE-2022-39382 | Injection vulnerability in Keystonejs Keystone 3.0.0/3.0.1 Keystone is a headless CMS for Node.js — built with GraphQL and React.`@keystone-6/[email protected] || 3.0.1` users that use `NODE_ENV` to trigger security-sensitive functionality in their production builds are vulnerable to `NODE_ENV` being inlined to `"development"` for user code, irrespective of what your environment variables. | 9.8 |