3121 matches found
GHSA-MH3M-8C74-74XH Denial of Service in graphql-go
Impact This is a DoS vulnerability that is possible due to a bug in the library that would allow an attacker with specifically designed queries to cause stack overflow panics. Any user with access to the GraphQL handler can send these queries and cause stack overflows. This in turn could...
graphql-go denial of service vulnerability
graphql-go is an open source GraphQL server focused on ease of use. graphql-go has a security vulnerability that stems from a DoS vulnerability in versions prior to 1.3.0, likely due to a bug in the library. an attacker could exploit the vulnerability to cause a stack overflow panic using a...
Denial Of Service (DoS)
github.com/graph-gophers/graphql-go is vulnerable to denial of service DoS attacks. An authenticated attacker with access to the GraphQL handler is able to send specifically crafted queries and cause stack based buffer overflows resulting in denial of service conditions...
DEBIAN-CVE-2022-21708
graphql-go is a GraphQL server with a focus on ease of use. In versions prior to 1.3.0 there exists a DoS vulnerability that is possible due to a bug in the library that would allow an attacker with specifically designed queries to cause stack overflow panics. Any user with access to the GraphQL...
CVE-2022-21708
graphql-go is a GraphQL server with a focus on ease of use. In versions prior to 1.3.0 there exists a DoS vulnerability that is possible due to a bug in the library that would allow an attacker with specifically designed queries to cause stack overflow panics. Any user with access to the GraphQL...
CVE-2022-21708
graphql-go is a GraphQL server with a focus on ease of use. In versions prior to 1.3.0 there exists a DoS vulnerability that is possible due to a bug in the library that would allow an attacker with specifically designed queries to cause stack overflow panics. Any user with access to the GraphQL...
Stack overflow
graphql-go is a GraphQL server with a focus on ease of use. In versions prior to 1.3.0 there exists a DoS vulnerability that is possible due to a bug in the library that would allow an attacker with specifically designed queries to cause stack overflow panics. Any user with access to the GraphQL...
UBUNTU-CVE-2022-21708
graphql-go is a GraphQL server with a focus on ease of use. In versions prior to 1.3.0 there exists a DoS vulnerability that is possible due to a bug in the library that would allow an attacker with specifically designed queries to cause stack overflow panics. Any user with access to the GraphQL...
CVE-2022-21708 Denial of Service in graphql-go
graphql-go is a GraphQL server with a focus on ease of use. In versions prior to 1.3.0 there exists a DoS vulnerability that is possible due to a bug in the library that would allow an attacker with specifically designed queries to cause stack overflow panics. Any user with access to the GraphQL...
CVE-2022-21708
The CVE-2022-21708 issue affects graphql-go (GraphQL server). In versions prior to 1.3.0, a bug allows an attacker with access to the GraphQL handler to send crafted queries that trigger a stack overflow panic, potentially impairing the server’s ability to serve data. The vulnerability is fixed i...
CVE-2022-21708 Denial of Service in graphql-go
graphql-go is a GraphQL server with a focus on ease of use. In versions prior to 1.3.0 there exists a DoS vulnerability that is possible due to a bug in the library that would allow an attacker with specifically designed queries to cause stack overflow panics. Any user with access to the GraphQL...
CVE-2022-21708
graphql-go is a GraphQL server with a focus on ease of use. In versions prior to 1.3.0 there exists a DoS vulnerability that is possible due to a bug in the library that would allow an attacker with specifically designed queries to cause stack overflow panics. Any user with access to the GraphQL...
CVE-2022-21708 Denial of Service in graphql-go
graphql-go is a GraphQL server with a focus on ease of use. In versions prior to 1.3.0 there exists a DoS vulnerability that is possible due to a bug in the library that would allow an attacker with specifically designed queries to cause stack overflow panics. Any user with access to the GraphQL...
graphql-go 资源管理错误漏洞
graphql-go is an open source GraphQL server focused on ease of use. graphql-go has a security vulnerability that stems from a DoS vulnerability in versions prior to 1.3.0, likely due to a bug in the library. an attacker could exploit the vulnerability to cause a stack overflow panic using a...
PT-2022-15055 · Unknown +1 · Graphql-Go +1
Name of the Vulnerable Software and Affected Versions: graphql-go versions prior to 1.3.0 Description: The issue is a DoS vulnerability due to a bug in the library that allows an attacker with specifically designed queries to cause stack overflow panics. Any user with access to the GraphQL handle...
CVE-2022-0172
An issue has been discovered in GitLab CE/EE affecting all versions starting with 12.3. Under certain conditions it was possible to bypass the IP restriction for public projects through GraphQL allowing unauthorised users to read titles of issues, merge requests and milestones...
CVE-2022-0152
An issue has been discovered in GitLab affecting all versions starting from 13.10 before 14.4.5, all versions starting from 14.5.0 before 14.5.3, all versions starting from 14.6.0 before 14.6.2. GitLab was vulnerable to unauthorized access to some particular fields through the GraphQL API...
CVE-2022-0152
An issue has been discovered in GitLab affecting all versions starting from 13.10 before 14.4.5, all versions starting from 14.5.0 before 14.5.3, all versions starting from 14.6.0 before 14.6.2. GitLab was vulnerable to unauthorized access to some particular fields through the GraphQL API...
CVE-2022-0172
An issue has been discovered in GitLab CE/EE affecting all versions starting with 12.3. Under certain conditions it was possible to bypass the IP restriction for public projects through GraphQL allowing unauthorised users to read titles of issues, merge requests and milestones...
CVE-2022-0172
An issue has been discovered in GitLab CE/EE affecting all versions starting with 12.3. Under certain conditions it was possible to bypass the IP restriction for public projects through GraphQL allowing unauthorised users to read titles of issues, merge requests and milestones...