CVE-2024-47614

async-graphql is a GraphQL server library implemented in Rust. async-graphql before 7.0.10 does not limit the number of directives for a field. This can lead to Service Disruption, Resource Exhaustion, and User Experience Degradation. This vulnerability is fixed in 7.0.10...

apollo-gateway-rs (>=0.7.5 <=0.7.6), aqlgen (>=0.1.0 <=0.8.0) +82 more potentially affected by CVE-2024-47614 via async-graphql (>=1.13.4 <=6.0.11)

async-graphql CARGO version =1.13.4, =0.7.5, =0.1.0, =0.1.0, =0.1.0, =0.0.1-alpha+3, =0.1.0, =2.9.13, =4.0.3, =0.1.0-beta.0, =2.9.12, =0.2.0, =1.14.10, =0.1.0, =0.4.4 and more Source cves: CVE-2024-47614 Source advisory: OSV:GHSA-5GC2-7C65-8FQ8...

GHSA-5GC2-7C65-8FQ8 async-graphql Directive Overload

Impact - Service Disruption: The server may become unresponsive or extremely slow, potentially leading to downtime. - Resource Exhaustion: Excessive use of server resources, such as CPU and memory, could negatively impact other services running on the same infrastructure. - User Experience...

CVE-2024-47614

async-graphql is a GraphQL server library implemented in Rust. async-graphql before 7.0.10 does not limit the number of directives for a field. This can lead to Service Disruption, Resource Exhaustion, and User Experience Degradation. This vulnerability is fixed in 7.0.10...

CVE-2024-47614 async-graphql vulnerable to Directive Overload

async-graphql is a GraphQL server library implemented in Rust. async-graphql before 7.0.10 does not limit the number of directives for a field. This can lead to Service Disruption, Resource Exhaustion, and User Experience Degradation. This vulnerability is fixed in 7.0.10...

CVE-2024-47614

The CVE-2024-47614 issue affects the Rust GraphQL server library async-graphql prior to version 7.0.10 . The vulnerability arises because it does not limit the number of directives for a field, which can lead to Service Disruption , Resource Exhaustion , and degraded User Experience . Affected so...

CVE-2024-47614 async-graphql vulnerable to Directive Overload

async-graphql is a GraphQL server library implemented in Rust. async-graphql before 7.0.10 does not limit the number of directives for a field. This can lead to Service Disruption, Resource Exhaustion, and User Experience Degradation. This vulnerability is fixed in 7.0.10...

CVE-2024-47614 async-graphql vulnerable to Directive Overload

async-graphql is a GraphQL server library implemented in Rust. async-graphql before 7.0.10 does not limit the number of directives for a field. This can lead to Service Disruption, Resource Exhaustion, and User Experience Degradation. This vulnerability is fixed in 7.0.10...

async-graphql 安全漏洞

async-graphql is a fully compliant high-performance graphql server library from the async-graphql open source. A security vulnerability exists in async-graphql versions prior to 7.0.10 that stems from the number of commands in an unrestricted field, which could lead to service disruption, resourc...

PT-2024-32674

Name of the Vulnerable Software and Affected Versions async-graphql versions prior to 7.0.10 Description The issue is related to the async-graphql library, a GraphQL server implemented in Rust, where it does not limit the number of directives for a field. This can lead to Service Disruption,...

apollo-gateway-rs (>=0.7.5 <=0.7.6), aqlgen (>=0.1.0 <=0.8.0) +61 more potentially affected by unknown CVE via async-graphql (>=1.13.4 <=4.0.16)

async-graphql CARGO version =1.13.4, =0.7.5, =0.1.0, =0.1.0, =0.1.0, =0.0.1-alpha+3, =0.1.0, =2.9.13, =0.1.0-beta.0, =2.9.12, =0.2.0, =1.14.10, =0.1.0, =1.0.0, =4.0.16 and more Source cves: unknown CVE Source advisory: OSV:GHSA-XQ3C-8GQM-V648...

apollo-gateway-rs (>=0.7.5 <=0.7.6), aqlgen (>=0.1.0 <=0.8.0) +61 more potentially affected by unknown CVE via async-graphql (>=1.13.4 <=4.0.16)

async-graphql CARGO version =1.13.4, =0.7.5, =0.1.0, =0.1.0, =0.1.0, =0.0.1-alpha+3, =0.1.0, =2.9.13, =0.1.0-beta.0, =2.9.12, =0.2.0, =1.14.10, =0.1.0, =1.0.0, =4.0.16 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2022-0037...