High
Node.js gatsby-plugin-mdx module could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization when passing input through to the gray-matter package. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system
Node.js
Node.js gatsby-plugin-mdx 2.14.1
Node.js gatsby-plugin-mdx 3.15.2
Refer to gatsby GIT Repository for patch, upgrade or suggested workaround information.