CVE-2025-2246

An issue has been discovered in GitLab CE/EE affecting all versions before 18.1.5, 18.2 before 18.2.5, and 18.3 before 18.3.1 that could have allowed unauthenticated users to access sensitive manual CI/CD variables by querying the GraphQL API...

Linux Distros Unpatched Vulnerability : CVE-2023-0921

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A lack of length validation in GitLab CE/EE affecting all versions from 8.3 before 15.10.8, 15.11 before 15.11.7, and 16.0 before 16.0.2 allows an authenticated...

PT-2023-21562 · Silverstripe · Silverstripe/Graphql

Name of the Vulnerable Software and Affected Versions: silverstripe/graphql versions 4.1.1 through 4.2.2 Description: The issue allows an attacker to execute a denial of service attack against a website with a publicly exposed GraphQL endpoint using a specially crafted GraphQL query. This mostly...

cruddl 安全漏洞

cruddl is an open source library from AEB Germany. Used to create a GraphQL API for your database , using GraphQL SDL for your architecture modeling . cruddl has a security vulnerability , an attacker can use this vulnerability can be able to inject arbitrary AQL queries , these queries will be...