Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 4:46 a.m.14 views

CVE-2023-22477

Mercurius is a GraphQL adapter for Fastify. Any users of Mercurius until version 10.5.0 are subjected to a denial of service attack by sending a malformed packet over WebSocket to /graphql. This issue was patched in 940. As a workaround, users can disable subscriptions...

7.5CVSS6.7AI score0.01056EPSS
Exploits1References1
NVD
NVD
added 2023/01/09 3:15 p.m.13 views

CVE-2023-22477

Mercurius is a GraphQL adapter for Fastify. Any users of Mercurius until version 10.5.0 are subjected to a denial of service attack by sending a malformed packet over WebSocket to /graphql. This issue was patched in 940. As a workaround, users can disable subscriptions...

7.5CVSS6.1AI score0.01056EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2023/01/09 2:12 p.m.7 views

CVE-2023-22477 Mercurius is vulnerable to denial of service (DoS) when using subscriptions

Mercurius is a GraphQL adapter for Fastify. Any users of Mercurius until version 10.5.0 are subjected to a denial of service attack by sending a malformed packet over WebSocket to /graphql. This issue was patched in 940. As a workaround, users can disable subscriptions...

5.3CVSS6.4AI score0.01056EPSS
Exploits1References3
CVE
CVE
added 2023/01/09 2:12 p.m.55 views

CVE-2023-22477

Summary: CVE-2023-22477 affects Mercurius (GraphQL adapter for Fastify) prior to v10.5.0. A malformed WebSocket packet sent to "/graphql" can cause a denial of service. The issue is documented in multiple sources and was patched in PR #940, with the fix released in v11.5.0 (and v8.13.2 in some br...

7.5CVSS6.1AI score0.01056EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder