ROOT-APP-MAVEN-CVE-2024-40094 CVE-2024-40094 in io.root.com.graphql-java:graphql-java - Patched by Root

Root has patched CVE-2024-40094 in the io.root.com.graphql-java:graphql-java package for Root:Maven. Multiple fixed versions available...

EUVD-2022-6942

Malicious code in bioql PyPI...

EUVD-2023-1064

Malicious code in bioql PyPI...

Malicious code in graphql_java_gen (npm)

The package graphqljavagen was found to contain malicious code...

MAL-2025-21889 Malicious code in graphql_java_gen (npm)

The package graphqljavagen was found to contain malicious code...

PT-2025-33603 · Git · Graphql-Java

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=422217211 Crash type: Security exception Crash state: graphql.parser.GraphqlAntlrToLanguage.createNonNullType graphql.parser.GraphqlAntlrToLanguage.createType graphql.parser.GraphqlAntlrToLanguage.createListType...

Security Bulletin: Due to use of WebSphere Liberty, IBM Cloud Pak Sys is vulnerable to a Denial of Service

Summary WebSphere Liberty is used by IBM Cloud Pak System as part of the WebSphere Liberty pattern type using GraphQL Java CVE-2024-40094. Vulnerability Details CVEID:CVE-2024-40094 DESCRIPTION: GraphQL Java aka graphql-java is vulnerable to a denial of service, caused by the failure to properly...

Security Bulletin: Denial of service vulnerability in IBM WebSphere Application Server Liberty may affect IBM Storage Protect Operations Center (CVE-2024-40094).

Summary IBM Storage Protect Operations Center may be affected by denial of service caused by failure to consider ExecutableNormalizedFields in Open-source GraphQL Java library used by IBM WebSphere Application Server Liberty. Vulnerability Details CVEID:CVE-2024-40094 DESCRIPTION: GraphQL Java ak...

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to a denial of service due to GraphQL Java in IBM WebSphere Application Server Liberty CVE-2024-40094

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to a denial of service due to GraphQL Java in IBM WebSphere Application Server Liberty CVE-2024-40094. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-40094...

Security Bulletin: IBM Maximo Application Suite Predict Component uses IBM WebSphere Application Server Liberty is vulnerable to a denial of service due to GraphQL Java CVE-2024-40094

Summary Security Bulletin: IBM Maximo Application Suite Predict Component uses IBM WebSphere Application Server Liberty is vulnerable to a denial of service due to GraphQL Java CVE-2024-40094. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details...

Security Bulletin: Vulnerability in GraphQL Java affects IBM watsonx Assistant for IBM Cloud Pak for Data

Summary Potential vulnerability in GraphQL Java has been identified that affects IBM watsonx Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-40094 DESCRIPTION: GraphQL Java aka...

Security Bulletin: The IBM® Engineering Lifecycle Engineering products using IBM WebSphere Application Server Liberty is vulnerable to a denial of service due to GraphQL Java

Summary There is a vulnerability in the GraphQL Java library used by IBM WebSphere Application Server Liberty with the mpGraphQL-1.0 or mpGraphQL-2.0 feature enabled. Following IBM® Engineering Lifecycle Engineering products are vulnerable to this attack, it has been addressed in this bulletin:...

IBM WebSphere Application Server Liberty 20.0.0.6 < 24.0.0.12 DoS (7174997)

The version of IBM WebSphere Application Server Liberty running on the remote host is affected by a DoS vulnerability as referenced in the 7174997 advisory. - GraphQL Java aka graphql-java before 21.5 does not properly consider ExecutableNormalizedFields ENFs as part of preventing denial of servi...

Security Bulletin: There is a vulnerability in GraphQL Java used by IBM Maximo Asset Management application (CVE-2024-40094)

Summary There is a vulnerability in GraphQL Java used by IBM Maximo Asset Management application CVE-2024-40094 Vulnerability Details CVEID:CVE-2024-40094 DESCRIPTION: GraphQL Java aka graphql-java is vulnerable to a denial of service, caused by the failure to properly consider...

Security Bulletin: IBM WebSphere Application Server Liberty is vulnerable to a denial of service due to GraphQL Java (CVE-2024-40094)

Summary There is a vulnerability in the GraphQL Java library used by IBM WebSphere Application Server Liberty with the mpGraphQL-1.0 or mpGraphQL-2.0 feature enabled. Vulnerability Details CVEID:CVE-2024-40094 DESCRIPTION: GraphQL Java aka graphql-java is vulnerable to a denial of service, caused...

Security Bulletin: There is a vulnerability in graphql-java-20.1.jar used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2024-40094)

Summary There is a vulnerability in graphql-java-20.1.jar used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2024-40094 DESCRIPTION: GraphQL Java aka graphql-java is vulnerable to a denial of service, caused by the failure to properly consider...

Security Bulletin: IBM WebSphere Application Server Liberty , which is bundled with IBM Cloud Pak for Applications, is vulnerable to a denial of service due to GraphQL Java (CVE-2024-40094)

Summary There is a vulnerability in the GraphQL Java library used by IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, with the mpGraphQL-1.0 or mpGraphQL-2.0 feature enabled. Vulnerability Details Refer to the security bulletins listed in the...

Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM WebSphere Hybrid Edition, is vulnerable to a denial of service due to GraphQL Java (CVE-2024-40094)

Summary There is a vulnerability in the GraphQL Java library used by IBM WebSphere Application Server Liberty, which is bundled with IBM WebSphere Hybrid Edition, with the mpGraphQL-1.0 or mpGraphQL-2.0 feature enabled. Vulnerability Details Refer to the security bulletins listed in the...

Security Bulletin: IBM PowerVM Novalink is vulnerable because GraphQL Java (aka graphql-java) is vulnerable to a denial of service, caused by the failure to properly consider ExecutableNormalizedFields. (CVE-2024-40094)

Summary IBM PowerVM Novalink is vulnerable because GraphQL Java aka graphql-java is vulnerable to a denial of service, caused by the failure to properly consider ExecutableNormalizedFields ENFs as part of preventing denial of service. By using introspection queries, a remote attacker could exploi...

Security Bulletin: There is a vulnerability in GraphQL Java used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2024-40094)

Summary There is a vulnerability in GraphQL Java used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2024-40094 DESCRIPTION: GraphQL Java aka graphql-java is vulnerable to a denial of service, caused by the failure to properly consider...