Lucene search

3121 matches found

OSV
added 2021/01/29 6:13 p.m. · 18 views

GHSA-VHHW-XJVF-WPRR Command Injection in @graphql-tools/git-loader

This affects the package @graphql-tools/git-loader before 6.2.6. The use of exec and execSync in packages/loaders/git/src/load-git.ts allows arbitrary command injection...

CVSS 8.8 · AI score 9 · EPSS 0.02814
Exploits 0 · References 6
Hacker One
added 2021/01/23 11:22 p.m. · 17 views

Shopify: [h1-2102] Stored XSS in product description via `productUpdate` GraphQL query leads to XSS at handshake-web-internal.shopifycloud.com/products/[ID]

This is most likely going to be a duplicate, so I'll keep it short. A stored cross site scripting vulnerability exists at handshake-web-internal.shopifycloud.com through the product description field. Requirements A shop with the Handshake plugin enabled and set-up Reproduction steps 1. Add a...

AI score 0.2
Exploits 0
Hacker One
added 2021/01/23 2:10 p.m. · 16 views

Shopify: [h1-2102] shopApps query from the graphql at /users/api returns all existing created apps, including private ones

Summary: I have seen that there is a query called shopApps executable on the /ID/users/api graphql that returns a huge amount of apps; it times out with a limit. In the response I have noticed the returned apps also include the private apps, so I do not think that this is intended like this. Using...

Exploits 0
Hacker One
added 2021/01/23 1:09 a.m. · 16 views

Shopify: [h1-2102] [PLUS] User with Store Management Permission can Make enforceSamlOrganizationDomains call - that should be limited to User Management Only

Summary: PLUS User with Store Management Permission can Make enforceSamlOrganizationDomains call - that should be limited to User Management Only Description: User with Store management permission as shown in the screenshot below F1168574 should not have the ability to enforce SAML organization...

AI score 6.7
Exploits 0
Hacker One
added 2021/01/22 10:34 p.m. · 17 views

Shopify: [h1-2102] [Plus] User with Store Management Permission can Make convertUsersFromSaml/convertUsersToSaml - that should be limited to User Management

Summary: Plus User with Store Management Permission can Make convertUsersFromSaml/convertUsersToSaml - that should be limited to User Management Only Description: User with Store management permission - F1168487 only, is able to convert user accounts from SAML and to SAML using the graphql Impact...

AI score 7
Exploits 0
Hacker One
added 2021/01/22 10:10 p.m. · 16 views

Shopify: [h1-2102] [Plus] User with Store Management Permission can Make changeDomainEnforcementState - that should be limited to User Management Only

Summary: User with Store Management Permission can Make changeDomainEnforcementState - that should be limited to User Management Only Description: User with Store management permission - F1168470 only, is able to change user management settings using the graphql Steps To Reproduce: - - - - - As a...

AI score 6.8
Exploits 0
CNVD
added 2021/01/22 12:00 a.m. · 5 views

The Guild Graphql Tools Command Injection Vulnerability

The Guild Graphql Tools is a tool from The Guild that generates graphql query statements based on a specific syntax. A command injection vulnerability exists in graphql-tools/git-loader prior to version 6.2.6, which stems from the use of exec and execSync in packages/loaders/git/src/load-git.ts t...

CVSS 8.8 · AI score 7.1 · EPSS 0.02814
Exploits 0 · References 1
OSV
added 2021/01/20 1:15 p.m. · 9 views

CVE-2021-23326

This affects the package @graphql-tools/git-loader before 6.2.6. The use of exec and execSync in packages/loaders/git/src/load-git.ts allows arbitrary command injection...

CVSS 8.8 · AI score 7.3
Exploits 0 · References 5
Prion
added 2021/01/20 1:15 p.m. · 14 views

Command injection

This affects the package @graphql-tools/git-loader before 6.2.6. The use of exec and execSync in packages/loaders/git/src/load-git.ts allows arbitrary command injection...

CVSS 7.5 · AI score 9 · EPSS 0.02814
Exploits 0 · References 5 · Affected Software 1
CVE
added 2021/01/20 12:30 p.m. · 72 views

CVE-2021-23326

The CVE-2021-23326 entry applies to the package @graphql-tools/git-loader prior to 6.2.6. The vulnerability stems from the use of exec and execSync in packages/loaders/git/src/load-git.ts, enabling arbitrary command injection. Impact is described as potential command execution with the associated...

CVSS 8.8 · AI score 7.7 · EPSS 0.02814
Exploits 0 · References 5 · Affected Software 1
Cvelist
added 2021/01/20 12:30 p.m. · 12 views

CVE-2021-23326 Command Injection

This affects the package @graphql-tools/git-loader before 6.2.6. The use of exec and execSync in packages/loaders/git/src/load-git.ts allows arbitrary command injection...

CVSS 6.3 · AI score 9.3 · EPSS 0.02814
Exploits 0 · References 5
CNNVD
added 2021/01/20 12:00 a.m. · 4 views

The Guild Graphql Tools Command Injection Vulnerability

The Guild Graphql Tools is a tool from The Guild that generates graphql query statements based on a specific syntax. A command injection vulnerability exists in graphql-tools/git-loader prior to version 6.2.6, which stems from the use of exec and execSync in packages/loaders/git/src/load-git.ts t...

CVSS 8.8 · AI score 7.4 · EPSS 0.02814
Exploits 0 · References 6
vulnersOsv
added 2021/01/19 3:24 p.m. · 0 views

@corejam/base (>=0.0.1 <=0.0.2), @corejam/cli (>=0.0.1 <=0.0.5) +27 more potentially affected by CVE-2021-23326 via @graphql-tools/git-loader (>=6.0.0-alpha.1 <=6.2.6-alpha-9e1fc254.0)

@graphql-tools/git-loader NPM version =6.0.0-alpha.1, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =6.0.15, =4.0.1-alpha-0a0f697.0, =4.0.1-alpha-0a0f697.0, =1.13.6-alpha-c74c7b7d.14, =0.0.0-canary.02a53c5, =0.0.1, =1.0.5, =0.0.24, =0.1.0, =1.29.0, =2.0.0-alpha.36 and more Source cves: CVE-2021-23326 Source...

CVSS 8.8 · AI score 7.6 · EPSS 0.02814
Exploits 0
Positive Technologies
added 2021/01/05 12:00 a.m. · 3 views

PT-2021-4079 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 13.8 and later Description: The issue is related to improper validation of authorization tokens in GitLab, which can result in the execution of GraphQL mutations. This can potentially allow a remote attacker to impact da...

CVSS 7.5 · AI score 7.2 · EPSS 0.00934
Exploits 0 · References 13
Check Point Advisories
added 2020/12/28 12:00 a.m. · 8 views

Apache SkyWalking Storage SQL Injection (CVE-2020-9483)

An SQL injection vulnerability exists in Apache SkyWalking H2 storage implementation. The vulnerability is due to insufficient validation of the user-supplied input for metadata query through GraphQL protocol...

CVSS 5 · AI score 3.4 · EPSS 0.34613
Exploits 1
Check Point Advisories
added 2020/12/28 12:00 a.m. · 9 views

Apache SkyWalking Storage SQL Injection (CVE-2020-13921)

An SQL injection vulnerability exists in Apache SkyWalking MySQL storage implementation. The vulnerability is due to insufficient validation of the user supplied input for wildcard alarm search query through GraphQL protocol...

CVSS 7.5 · AI score 2.8 · EPSS 0.33478
Exploits 0
Hacker One
added 2020/12/25 9:50 a.m. · 43 views

Stripe: GRAPHQL cross-tenant IDOR giving write access through the operation UpdateAtlasApplicationPerson

@bubbounty discovered an Insecure Direct Object Reference IDOR vulnerability that allowed someone with prior Admin access to a Stripe account to add a co-founder to a Stripe Atlas application belonging to the merchant account they used to administer. The issue has been addressed by only allowing...

AI score 6.9
Exploits 0
Hacker One
added 2020/12/22 11:45 p.m. · 77 views

Shopify: Information disclosure - Access to some checkout information

It came to my attention that using the CheckoutStatus query on https://arrive-server.shopifycloud.com/graphql it is possible to access some checkout details, specifically the query can be called with an ID value ranging from 1 up to 48908. Unfortunately, as I could not figure out how to create a...

AI score 0.1
Exploits 0
Veracode
added 2020/12/16 7:57 p.m. · 17 views

Information Disclosure

gitlab is vulnerable to information disclosure. It exposes private group and project membership via GraphQL in GitLab CE/EE 13.1...

CVSS 5.3 · AI score 3 · EPSS 0.01155
Exploits 0 · References 3 · Affected Software 1
Veracode
added 2020/12/16 7:56 p.m. · 23 views

Information Disclosure

gitlab is vulnerable to information disclosure. The vulnerability exists as private user emails were visible in GraphQL results...

CVSS 5.3 · AI score 1.4 · EPSS 0.2991
Exploits 1 · References 4 · Affected Software 1