Lucene search
+L

9 matches found

GithubExploit
GithubExploit
added 2025/12/26 6:14 p.m.308 views

Exploit for CVE-2025-27407

PoCCVE-2025-27407 Proof of concept for a remote code executi...

9CVSS9.2AI score0.02865EPSS
Exploits2
Debian
Debian
added 2025/08/04 1:11 a.m.42 views

[SECURITY] [DLA 4263-1] ruby-graphql security update

----------------------------------------------------------------------- Debian LTS Advisory DLA-4263-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta August 04, 2025 https://wiki.debian.org/LTS -...

9CVSS9.1AI score0.02865EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2025/08/04 12:0 a.m.7 views

Debian dla-4263 : ruby-graphql - security update

The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-4263 advisory. - ----------------------------------------------------------------------- Debian LTS Advisory DLA-4263-1 [email protected] https://www.debian.org/lts/security/...

9CVSS8.7AI score0.02865EPSS
Exploits2References4
OpenVAS
OpenVAS
added 2025/08/04 12:0 a.m.7 views

Debian: Security Advisory (DLA-4263-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9CVSS7.5AI score0.02865EPSS
Exploits2References2
RedhatCVE
RedhatCVE
added 2025/03/13 8:33 a.m.12 views

CVE-2025-27407

A flaw was found in graphql-ruby. In affected versions of graphq-ruby, loading a malicious schema definition in the GraphQL::Schema.fromintrospection or the GraphQL::Schema::Loader.load can cause remote code execution. Any system that loads a schema by JSON from an untrusted source is vulnerable,...

8.5CVSS7.2AI score0.02865EPSS
Exploits2References12
Cvelist
Cvelist
added 2025/03/12 6:15 p.m.90 views

CVE-2025-27407 Remote code execution when loading a crafted GraphQL schema

graphql-ruby is a Ruby implementation of GraphQL. Starting in version 1.11.5 and prior to versions 1.11.8, 1.12.25, 1.13.24, 2.0.32, 2.1.14, 2.2.17, and 2.3.21, loading a malicious schema definition in GraphQL::Schema.fromintrospection or GraphQL::Schema::Loader.load can result in remote code...

9CVSS0.02865EPSS
Exploits2References10
Vulnrichment
Vulnrichment
added 2025/03/12 6:15 p.m.19 views

CVE-2025-27407 Remote code execution when loading a crafted GraphQL schema

graphql-ruby is a Ruby implementation of GraphQL. Starting in version 1.11.5 and prior to versions 1.11.8, 1.12.25, 1.13.24, 2.0.32, 2.1.14, 2.2.17, and 2.3.21, loading a malicious schema definition in GraphQL::Schema.fromintrospection or GraphQL::Schema::Loader.load can result in remote code...

9CVSS9.4AI score0.02865EPSS
Exploits2References10
CVE
CVE
added 2025/03/12 6:15 p.m.295 views

CVE-2025-27407

CVE-2025-27407 concerns graphql-ruby: loading a malicious schema via GraphQL::Schema.from_introspection (or GraphQL::Schema::Loader.load) can lead to remote code execution. Affected versions are pre-patches: 1.11.5–1.11.7, 1.11.? (and 1.12.24, 1.13.23, 2.0.31, 2.1.13, 2.2.16, 2.3.20). Patches exi...

9CVSS9.4AI score0.02865EPSS
Exploits2References11
Debian CVE
Debian CVE
added 2025/03/12 6:15 p.m.115 views

CVE-2025-27407

graphql-ruby is a Ruby implementation of GraphQL. Starting in version 1.11.5 and prior to versions 1.11.8, 1.12.25, 1.13.24, 2.0.32, 2.1.14, 2.2.17, and 2.3.21, loading a malicious schema definition in GraphQL::Schema.fromintrospection or GraphQL::Schema::Loader.load can result in remote code...

9CVSS9.1AI score0.02865EPSS
Exploits2
Rows per page
Query Builder