GHSA-H3QM-JRRF-CGJ3 graphql-go has infinite recursion in the type definition parser

graphql-go aka GraphQL for Go through 0.8.0 has infinite recursion in the type definition parser...

graphql-go has infinite recursion in the type definition parser

graphql-go aka GraphQL for Go through 0.8.0 has infinite recursion in the type definition parser...

CVE-2022-37315

graphql-go aka GraphQL for Go through 0.8.0 has infinite recursion in the type definition parser...

CVE-2022-37315

graphql-go aka GraphQL for Go through 0.8.0 has infinite recursion in the type definition parser...

CVE-2022-37315

graphql-go aka GraphQL for Go through 0.8.0 has infinite recursion in the type definition parser...

CVE-2022-37315

graphql-go aka GraphQL for Go through 0.8.0 has infinite recursion in the type definition parser...

Design/Logic Flaw

graphql-go aka GraphQL for Go through 0.8.0 has infinite recursion in the type definition parser...

UBUNTU-CVE-2022-37315

graphql-go aka GraphQL for Go through 0.8.0 has infinite recursion in the type definition parser...

CVE-2022-37315

graphql-go aka GraphQL for Go through 0.8.0 has infinite recursion in the type definition parser...

CVE-2022-37315

GraphQL-go (GraphQL for Go) up to v0.8.0 contains an infinite recursion in the type-definition parser. The CVE-2022-37315 entry notes this vulnerability impact, with an NVD CVSSv3.1 base score of 7.5 (HIGH) and network attack vector, no privileges required, no user interaction, and availability i...

CVE-2022-31173

Juniper is a GraphQL server library for Rust. Affected versions of Juniper are vulnerable to uncontrolled recursion resulting in a program crash. This issue has been addressed in version 0.15.10. Users are advised to upgrade. Users unable to upgrade should limit the recursion depth manually...

Design/Logic Flaw

Juniper is a GraphQL server library for Rust. Affected versions of Juniper are vulnerable to uncontrolled recursion resulting in a program crash. This issue has been addressed in version 0.15.10. Users are advised to upgrade. Users unable to upgrade should limit the recursion depth manually...

CVE-2022-31173 Juniper is vulnerable to @DOS GraphQL Nested Fragments overflow

Juniper is a GraphQL server library for Rust. Affected versions of Juniper are vulnerable to uncontrolled recursion resulting in a program crash. This issue has been addressed in version 0.15.10. Users are advised to upgrade. Users unable to upgrade should limit the recursion depth manually...

CVE-2022-31173 Juniper is vulnerable to @DOS GraphQL Nested Fragments overflow

Juniper is a GraphQL server library for Rust. Affected versions of Juniper are vulnerable to uncontrolled recursion resulting in a program crash. This issue has been addressed in version 0.15.10. Users are advised to upgrade. Users unable to upgrade should limit the recursion depth manually...

CVE-2022-31173

CVE-2022-31173 affects the Juniper GraphQL server library for Rust. Affected versions are vulnerable to uncontrolled recursion, causing a program crash (denial of service). The issue is addressed in version 0.15.10; users should upgrade. If upgrading is not possible, a manual limit on recursion d...

CVE-2022-31173 Juniper is vulnerable to @DOS GraphQL Nested Fragments overflow

Juniper is a GraphQL server library for Rust. Affected versions of Juniper are vulnerable to uncontrolled recursion resulting in a program crash. This issue has been addressed in version 0.15.10. Users are advised to upgrade. Users unable to upgrade should limit the recursion depth manually...

graphql-rust 资源管理错误漏洞

graphql-rust is a Rust-based GraphQL server library. A resource management error vulnerability exists in versions of graphql-rust Juniper prior to 0.15.10, which stems from vulnerability to uncontrolled recursion that can cause a program to crash...

graphql-go 安全漏洞

graphql-go is an open source GraphQL server focused on ease of use. A security vulnerability exists in graphql-go also known as GraphQL for Go version 0.8.0, which stems from the type definition parser having infinite recursion...

PT-2022-23922 · Unknown · Graphql-Go

Name of the Vulnerable Software and Affected Versions: graphql-go aka GraphQL for Go versions 0.8.0 and earlier Description: The issue concerns infinite recursion in the type definition parser. Recommendations: For versions 0.8.0 and earlier, at the moment, there is no information about a newer...

GHSA-4RX6-G5VG-5F3J Juniper is vulnerable to @DOS GraphQL Nested Fragments overflow

GraphQL behaviour Nested fragment in GraphQL might be quite hard to handle depending on the implementation language. Some language support natively a max recursion depth. However, on most compiled languages, you should add a threshold of recursion. graphql Infinite loop example query ...a fragmen...