Lucene search
+L

6 matches found

redhatcve
redhatcve
added 2026/06/05 7:23 p.m.12 views

CVE-2026-43967

Inefficient Algorithmic Complexity vulnerability in absinthe-graphql absinthe allows unauthenticated denial of service via quadratic fragment-name uniqueness validation. 'Elixir.Absinthe.Phase.Document.Validation.UniqueFragmentNames':run/2 iterates over all fragments and for each one calls...

8.7CVSS5.5AI score0.00624EPSS
Exploits1References1
euvd
euvd
added 2026/05/14 1:8 p.m.22 views

EUVD-2026-28800

Absinthe: Quadratic fragment-name uniqueness check...

8.7CVSS5.8AI score0.00624EPSS
Exploits1References5
vulnrichment
vulnrichment
added 2026/05/08 3:42 p.m.10 views

CVE-2026-43967 Quadratic fragment-name uniqueness check causes denial of service in absinthe

Inefficient Algorithmic Complexity vulnerability in absinthe-graphql absinthe allows unauthenticated denial of service via quadratic fragment-name uniqueness validation. 'Elixir.Absinthe.Phase.Document.Validation.UniqueFragmentNames':run/2 iterates over all fragments and for each one calls...

8.7CVSS5.8AI score0.00624EPSS
Exploits1References4
osv
osv
added 2026/05/08 3:42 p.m.3 views

CVE-2026-43967 Quadratic fragment-name uniqueness check causes denial of service in absinthe

Inefficient Algorithmic Complexity vulnerability in absinthe-graphql absinthe allows unauthenticated denial of service via quadratic fragment-name uniqueness validation. 'Elixir.Absinthe.Phase.Document.Validation.UniqueFragmentNames':run/2 iterates over all fragments and for each one calls...

8.7CVSS5.9AI score0.00624EPSS
Exploits1References9
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.11 views

Absinthe 安全漏洞

Absinthe is an open-source GraphQL implementation framework based on Elixir. Versions of Absinthe from 1.2.0 to 1.10.2 contained security vulnerabilities. These vulnerabilities were due to a quadratic algorithm complexity issue in the uniqueness validation of fragment names, which could lead to...

8.7CVSS5.8AI score0.00624EPSS
Exploits1References1
ptsecurity
ptsecurity
added 2026/05/08 12:0 a.m.17 views

PT-2026-39148

Name of the Vulnerable Software and Affected Versions absinthe versions 1.2.0 through 1.10.1 Description An inefficient algorithmic complexity issue allows unauthenticated denial of service through quadratic fragment-name uniqueness validation. The function run/2 within...

8.7CVSS5.8AI score0.00624EPSS
Exploits1References10
Rows per page
Query Builder