Lucene search

CVE-2023-40180

🗓️ 16 Oct 2023 19:10:15Reported by GoogleType

osv🔗 osv.dev👁 7 Views

silverstripe-graphql package exposes DDOS vulnerability

Reporter	Title	Published	Views	Family All 9
OSV	Silverstripe GraphQL has DDOS Vulnerability due to lack of protection against recursive queries	17 Oct 202313:48	–	osv
CVE	CVE-2023-40180	16 Oct 202319:15	–	cve
Vulnrichment	CVE-2023-40180 Denial of service vulnerability in silverstripe-graphql via recursive queries	16 Oct 202318:05	–	vulnrichment
Friends Of PHP	CVE-2023-40180 DDOS Vulnerability on GraphQL due to lack of protection against recursive queries	16 Oct 202300:44	–	friendsofphp
Cvelist	CVE-2023-40180 Denial of service vulnerability in silverstripe-graphql via recursive queries	16 Oct 202318:05	–	cvelist
Prion	Design/Logic Flaw	16 Oct 202319:15	–	prion
Veracode	Distributed Denial Of Service (DDoS)	18 Oct 202306:02	–	veracode
NVD	CVE-2023-40180	16 Oct 202319:15	–	nvd
Github Security Blog	Silverstripe GraphQL has DDOS Vulnerability due to lack of protection against recursive queries	17 Oct 202313:48	–	github

Source	Link
github	www.github.com/silverstripe/silverstripe-graphql/security/advisories/GHSA-v23w-pppm-jh66
silverstripe	www.silverstripe.org/download/security-releases/CVE-2023-40180
github	www.github.com/silverstripe/silverstripe-graphql/commit/f6d5976ec4608e51184b0db1ee5b9e9a99d2501c
docs	www.docs.silverstripe.org/en/developer_guides/graphql/security_and_best_practices/recursive_or_complex_queries
github	www.github.com/silverstripe/silverstripe-graphql/tree/3.8

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

16 Oct 2023 19:15Current

7.1High risk

Vulners AI Score7.1

CVSS37.5

EPSS0.0013

SSVC