Lucene search
GitHub Advisory DatabaseGHSA-2HMF-46V7-V6FXHistoryJun 12, 2024 - 9:31 p.m.
gqlparser denial of service vulnerability via the parserDirectives function
2024-06-1221:31:19
CWE-400
GitHub Advisory Database
github.com
2
vektah gqlparser open-source-library remote attacker denial of service crafted script software
An issue in vektah gqlparser open-source-library v.2.5.10 allows a remote attacker to cause a denial of service via a crafted script to the parserDirectives function.
Affected configurations
Node
github_advisory_databasegithub.com\/vektah\/gqlparserRange<2.5.14
ORgithub_advisory_databasegithub.com\/vektah\/gqlparser\/v2Range<2.5.14
| CPE | Name | Operator | Version |
|---|---|---|---|
| github.com/vektah/gqlparser | lt | 2.5.14 | |
| github.com/vektah/gqlparser/v2 | lt | 2.5.14 |
References
gist.github.com/uvzz/d3ed9d4532be16ec1040a2cf3dfec8d1
github.com/99designs/gqlgen/issues/3118
github.com/advisories/GHSA-2hmf-46v7-v6fx
github.com/vektah/gqlparser/blob/master/parser/query.go#L316
github.com/vektah/gqlparser/commit/36a3658873bf5a107f42488dfc392949cdd02977
nvd.nist.gov/vuln/detail/CVE-2023-49559
Related
osv
osv
CGA-f2h6-vhfv-9wfh
2024-06-19 07:35:38
CGA-28jv-3vhj-mh4f
2024-06-13 16:04:09
CGA-pq49-565p-4jxc
2024-06-13 16:06:08
vulnrichment
vulnrichment
CVE-2023-49559
2024-06-12 00:00:00
cvelist
cvelist
CVE-2023-49559
2024-06-12 00:00:00
nvd
nvd
CVE-2023-49559
2024-06-12 20:15:10
veracode
veracode
Denial Of Service (DoS)
2024-06-13 08:29:20
cve
cve
CVE-2023-49559
2024-06-12 20:15:10
wolfi
wolfi
CVE-2023-49559 vulnerabilities
2024-06-23 03:08:23