3121 matches found
com.atlassian:nadel (>=2022-01-19T23-18-30-adbad461 <=2024-01-23T04-58-06-b811e23f), com.atlassian:nadel-api (>=2022-01-19T23-18-30-adbad461 <=2022-03-22T05-05-01-a5d0b804) +4 more potentially affected by CVE-2023-28867 via com.graphql-java:graphql-java (>=0.0.0-2021-06-27T12-22-33-cd2bab76 <=0.0.0-2023-12-05T22-54-46-39d2155)
com.graphql-java:graphql-java MAVEN version =0.0.0-2021-06-27T12-22-33-cd2bab76, =2022-01-19T23-18-30-adbad461, =2022-01-19T23-18-30-adbad461, =2022-01-19T23-18-30-adbad461, =2022-01-19T23-18-30-adbad461, =2022-01-19T23-18-30-adbad461, =2022-04-05T04-35-54-29b76c29 -...
GraphQL Java vulnerable to stack consumption
In GraphQL Java aka graphql-java before 20.1, an attacker can send a crafted GraphQL query that causes stack consumption. The fixed versions are 20.1, 19.4, 18.4, 17.5, and 0.0.0-2023-03-20T01-49-44-80e3135...
GHSA-P4QX-6W5P-4RJ2 GraphQL Java vulnerable to stack consumption
In GraphQL Java aka graphql-java before 20.1, an attacker can send a crafted GraphQL query that causes stack consumption. The fixed versions are 20.1, 19.4, 18.4, 17.5, and 0.0.0-2023-03-20T01-49-44-80e3135...
CVE-2023-28867
In GraphQL Java aka graphql-java before 20.1, an attacker can send a crafted GraphQL query that causes stack consumption. The fixed versions are 20.1, 19.4, 18.4, 17.5, and 0.0.0-2023-03-20T01-49-44-80e3135...
CVE-2023-28867
In GraphQL Java aka graphql-java before 20.1, an attacker can send a crafted GraphQL query that causes stack consumption. The fixed versions are 20.1, 19.4, 18.4, 17.5, and 0.0.0-2023-03-20T01-49-44-80e3135...
Design/Logic Flaw
In GraphQL Java aka graphql-java before 20.1, an attacker can send a crafted GraphQL query that causes stack consumption. The fixed versions are 20.1, 19.4, 18.4, 17.5, and 0.0.0-2023-03-20T01-49-44-80e3135...
CVE-2023-28867
In GraphQL Java aka graphql-java before 20.1, an attacker can send a crafted GraphQL query that causes stack consumption. The fixed versions are 20.1, 19.4, 18.4, 17.5, and 0.0.0-2023-03-20T01-49-44-80e3135...
CVE-2023-28867
In GraphQL Java aka graphql-java before 20.1, an attacker can send a crafted GraphQL query that causes stack consumption. The fixed versions are 20.1, 19.4, 18.4, 17.5, and 0.0.0-2023-03-20T01-49-44-80e3135...
PT-2023-22016 · Unknown · Graphql-Java
Name of the Vulnerable Software and Affected Versions: graphql-java versions prior to 20.1 graphql-java versions prior to 19.4 graphql-java versions prior to 18.4 graphql-java versions prior to 17.5 Description: An attacker can send a crafted GraphQL query that causes stack consumption. The issue...
CVE-2023-28867
CVE-2023-28867 affects GraphQL Java (graphql-java) prior to 20.1; a specially crafted GraphQL query can cause stack consumption, leading to denial of service. Fixed versions are 20.1, 19.4, 18.4, 17.5, and 0.0.0-2023-03-20T01-49-44-80e3135. IBM and ENISA-related bulletins corroborate a DoS condit...
Waf-Bypass - Check Your WAF Before An Attacker Does
WAF bypass Tool is an open source tool to analyze the security of any WAF for False Positives and False Negatives using predefined and customizable payloads. Check your WAF before an attacker does. WAF Bypass Tool is developed by Nemesida WAF team with the participation of community. How to run I...
GraphQL Java 安全漏洞
GraphQL Java is GraphQL Java open source a GraphQL Java implementation . Query language and server-side runtime for application programming interfaces APIs. A security vulnerability exists in versions of GraphQL Java prior to 20.1 that stems from an attacker's ability to send crafted GraphQL...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Ibexa Ezplatform-Graphql
CVE-2022-41876 - eZ Platform user information disclosure A vu...
GHSA-67G8-C724-8MP3 DDOS attack on graphql endpoints
An attacker could use a specially crafted graphql query to execute a Distributed Denial of Service attack DDOS attack against a website. This mostly affects websites with publicly exposed and particularly large/complex graphql schemas. If your Silverstripe CMS project does not expose a public...
DDOS attack on graphql endpoints
An attacker could use a specially crafted graphql query to execute a Distributed Denial of Service attack DDOS attack against a website. This mostly affects websites with publicly exposed and particularly large/complex graphql schemas. If your Silverstripe CMS project does not expose a public...
CVE-2023-28104
silverstripe/graphql serves Silverstripe data as GraphQL representations. In versions 4.2.2 and 4.1.1, an attacker could use a specially crafted graphql query to execute a denial of service attack against a website which has a publicly exposed graphql endpoint. This mostly affects websites with...
Design/Logic Flaw
silverstripe/graphql serves Silverstripe data as GraphQL representations. In versions 4.2.2 and 4.1.1, an attacker could use a specially crafted graphql query to execute a denial of service attack against a website which has a publicly exposed graphql endpoint. This mostly affects websites with...
CVE-2023-28104 silverstripe/graphql Denial of Service vulnerability
silverstripe/graphql serves Silverstripe data as GraphQL representations. In versions 4.2.2 and 4.1.1, an attacker could use a specially crafted graphql query to execute a denial of service attack against a website which has a publicly exposed graphql endpoint. This mostly affects websites with...
CVE-2023-28104 silverstripe/graphql Denial of Service vulnerability
silverstripe/graphql serves Silverstripe data as GraphQL representations. In versions 4.2.2 and 4.1.1, an attacker could use a specially crafted graphql query to execute a denial of service attack against a website which has a publicly exposed graphql endpoint. This mostly affects websites with...
CVE-2023-28104
CVE-2023-28104 affects silverstripe/graphql. In versions 4.2.2 and 4.1.1, a specially crafted GraphQL query could cause a denial-of-service against websites with publicly exposed GraphQL endpoints, especially those with large/complex schemas. Impact is denial of service affecting availability; re...