CVE-2022-37315

graphql-go aka GraphQL for Go through 0.8.0 has infinite recursion in the type definition parser...

CVE-2022-37315

graphql-go aka GraphQL for Go through 0.8.0 has infinite recursion in the type definition parser...

Design/Logic Flaw

graphql-go aka GraphQL for Go through 0.8.0 has infinite recursion in the type definition parser...

UBUNTU-CVE-2022-37315

graphql-go aka GraphQL for Go through 0.8.0 has infinite recursion in the type definition parser...

CVE-2022-37315

graphql-go aka GraphQL for Go through 0.8.0 has infinite recursion in the type definition parser...

CVE-2022-37315

GraphQL-go (GraphQL for Go) up to v0.8.0 contains an infinite recursion in the type-definition parser. The CVE-2022-37315 entry notes this vulnerability impact, with an NVD CVSSv3.1 base score of 7.5 (HIGH) and network attack vector, no privileges required, no user interaction, and availability i...

CVE-2022-31173

Juniper is a GraphQL server library for Rust. Affected versions of Juniper are vulnerable to uncontrolled recursion resulting in a program crash. This issue has been addressed in version 0.15.10. Users are advised to upgrade. Users unable to upgrade should limit the recursion depth manually...

Design/Logic Flaw

Juniper is a GraphQL server library for Rust. Affected versions of Juniper are vulnerable to uncontrolled recursion resulting in a program crash. This issue has been addressed in version 0.15.10. Users are advised to upgrade. Users unable to upgrade should limit the recursion depth manually...

CVE-2022-31173 Juniper is vulnerable to @DOS GraphQL Nested Fragments overflow

Juniper is a GraphQL server library for Rust. Affected versions of Juniper are vulnerable to uncontrolled recursion resulting in a program crash. This issue has been addressed in version 0.15.10. Users are advised to upgrade. Users unable to upgrade should limit the recursion depth manually...

CVE-2022-31173 Juniper is vulnerable to @DOS GraphQL Nested Fragments overflow

Juniper is a GraphQL server library for Rust. Affected versions of Juniper are vulnerable to uncontrolled recursion resulting in a program crash. This issue has been addressed in version 0.15.10. Users are advised to upgrade. Users unable to upgrade should limit the recursion depth manually...

CVE-2022-31173 Juniper is vulnerable to @DOS GraphQL Nested Fragments overflow

Juniper is a GraphQL server library for Rust. Affected versions of Juniper are vulnerable to uncontrolled recursion resulting in a program crash. This issue has been addressed in version 0.15.10. Users are advised to upgrade. Users unable to upgrade should limit the recursion depth manually...

CVE-2022-31173

CVE-2022-31173 affects the Juniper GraphQL server library for Rust. Affected versions are vulnerable to uncontrolled recursion, causing a program crash (denial of service). The issue is addressed in version 0.15.10; users should upgrade. If upgrading is not possible, a manual limit on recursion d...

graphql-go 安全漏洞

graphql-go is an open source GraphQL server focused on ease of use. A security vulnerability exists in graphql-go also known as GraphQL for Go version 0.8.0, which stems from the type definition parser having infinite recursion...

graphql-rust 资源管理错误漏洞

graphql-rust is a Rust-based GraphQL server library. A resource management error vulnerability exists in versions of graphql-rust Juniper prior to 0.15.10, which stems from vulnerability to uncontrolled recursion that can cause a program to crash...

PT-2022-23922 · Unknown · Graphql-Go

Name of the Vulnerable Software and Affected Versions: graphql-go aka GraphQL for Go versions 0.8.0 and earlier Description: The issue concerns infinite recursion in the type definition parser. Recommendations: For versions 0.8.0 and earlier, at the moment, there is no information about a newer...

GHSA-4RX6-G5VG-5F3J Juniper is vulnerable to @DOS GraphQL Nested Fragments overflow

GraphQL behaviour Nested fragment in GraphQL might be quite hard to handle depending on the implementation language. Some language support natively a max recursion depth. However, on most compiled languages, you should add a threshold of recursion. graphql Infinite loop example query ...a fragmen...

Juniper is vulnerable to @DOS GraphQL Nested Fragments overflow

GraphQL behaviour Nested fragment in GraphQL might be quite hard to handle depending on the implementation language. Some language support natively a max recursion depth. However, on most compiled languages, you should add a threshold of recursion. graphql Infinite loop example query ...a fragmen...

apollo-gateway-rs (>=0.7.5 <=0.7.6), aqlgen (>=0.1.0 <=0.8.0) +61 more potentially affected by unknown CVE via async-graphql (>=1.13.4 <=4.0.16)

async-graphql CARGO version =1.13.4, =0.7.5, =0.1.0, =0.1.0, =0.1.0, =0.0.1-alpha+3, =0.1.0, =2.9.13, =0.1.0-beta.0, =2.9.12, =0.2.0, =1.14.10, =0.1.0, =1.0.0, =4.0.16 and more Source cves: unknown CVE Source advisory: OSV:GHSA-XQ3C-8GQM-V648...

async-graphql / async-graphql - @DOS GraphQL Nested Fragments overflow

Impact Executing deeply nested queries may cause stack overflow. Patches Upgrade to v4.0.6...

GHSA-XQ3C-8GQM-V648 async-graphql / async-graphql - @DOS GraphQL Nested Fragments overflow

Impact Executing deeply nested queries may cause stack overflow. Patches Upgrade to v4.0.6...