Exploit for CVE-2024-40094

CVE-2024-40094 ENF ExecutableNormalizedFields Denial of Serv...

graphql-java: Allocation of Resources Without Limits or Throttling in GraphQL Java

A vulnerability was found in GraphQL Java, affecting versions prior to 21.5. This flaw allows an attacker to perform a denial of service DoS attack via introspection queries. The issue arises due to the improper handling of ExecutableNormalizedFields ENFs, which are not adequately considered duri...

GHSA-H9MQ-F6Q5-6C8M GraphQL Java does not properly consider ExecutableNormalizedFields (ENFs) as part of preventing denial of service

GraphQL Java aka graphql-java before 21.5 does not properly consider ExecutableNormalizedFields ENFs as part of preventing denial of service via introspection queries. 20.9 and 19.11 are also fixed versions...

PT-2024-28780 · Unknown · Graphql-Java

Name of the Vulnerable Software and Affected Versions: GraphQL Java versions prior to 21.5 GraphQL Java version 20.9 GraphQL Java version 19.11 Description: The issue is related to the improper consideration of ExecutableNormalizedFields ENFs in preventing denial of service via introspection...

GraphQL Java 安全漏洞

GraphQL Java is a GraphQL Java implementation of the GraphQL Java open source. Query language and server-side runtime for application programming interfaces APIs. A security vulnerability exists in GraphQL Java versions prior to 21.5 that stems from not properly considering...