Hasura GraphQL Engine 代码问题漏洞

Hasura GraphQL Engine is a very fast GraphQL server from Hasura open source. A code issue vulnerability exists in Hasura GraphQL Engine version 1.3.3, which stems from a remote schema URL injection that could lead to server-side request forgery...

Cache Poisoning

check-jsonschema is vulnerable to Cache Poisoning. The vulnerability is due to improper handling of schema caching, where the basename of a remote schema URL is used as the cache filename. This allows attackers to insert malicious schemas into the cache via schema URL conflicts, potentially causi...