CVE-2019-18455

An issue was discovered in GitLab Community and Enterprise Edition 11 through 12.4 when building Nested GraphQL queries. It has a large or infinite loop...

CVE-2019-18455

An issue was discovered in GitLab Community and Enterprise Edition 11 through 12.4 when building Nested GraphQL queries. It has a large or infinite loop...

CVE-2019-18455

An issue was discovered in GitLab Community and Enterprise Edition 11 through 12.4 when building Nested GraphQL queries. It has a large or infinite loop...

Code injection

An issue was discovered in GitLab Community and Enterprise Edition 11 through 12.4 when building Nested GraphQL queries. It has a large or infinite loop...

CVE-2019-18455

GitLab Community and Enterprise Edition versions 11–12.4 are affected by a Denial of Service due to a large or infinite loop when building Nested GraphQL queries. Root cause: improper handling of nested GraphQL query expansion leads to resource exhaustion. Impact: availability degradation (DoS) w...

CVE-2019-18455

An issue was discovered in GitLab Community and Enterprise Edition 11 through 12.4 when building Nested GraphQL queries. It has a large or infinite loop...

CVE-2019-18455

Removed by vendor...

Trint Ltd: SSO bypass in zendesk using trint organization able to leak internal ticket information

Summary hello there because in app.trint.com there's no email verification i able to login in your zendesk SSO using your organization your organization using domain @trint.com because there's no email verification i able to read and takeover + claim this email [email protected] and i able to...

Securing GraphQL. Part 1

GraphQL is an alternative to the REST concept that allows working with the data in a more structured and object-oriented way. This technology is very famous and used by many enterprise companies such as Facebook, Walmart, Intuit among other. Whether you know it or not, GraphQL has a significant...

HackerOne: Reporter, external users, collaborators can mark sent swag awarded to reporter as unsent

An Insecure Direct Object Reference IDOR vulnerability allow the reporter, external users, and collaborators to mark sent swag that was awarded to the reporter as unsent. This may result in swag being sent multiple times. Proof of concept Follow the steps below to reproduce the vulnerability. sig...

HackerOne: Private program disclosure via `vpn_suspended` GraphQL query

Summary: vpnsuspended of Team object got exposed Description: An attacker can get vpnsuspended value of any program including external program which also have private program eg. █████ and external program which does not have private program What an attacker can do with this ? If an external...

Incorrect Access Control vulnerability in api-platform/core

API Platform version from 2.2.0 to 2.3.5 contains an Incorrect Access Control vulnerability in GraphQL delete mutations that can result in a user authorized to delete a resource can delete any resource. This attack appears to be exploitable via the user must be authorized. This vulnerability...

GHSA-974J-WJXX-WGGJ Incorrect Access Control vulnerability in api-platform/core

API Platform version from 2.2.0 to 2.3.5 contains an Incorrect Access Control vulnerability in GraphQL delete mutations that can result in a user authorized to delete a resource can delete any resource. This attack appears to be exploitable via the user must be authorized. This vulnerability...

HackerOne: Disclosure of `payment_transactions` for programs via GraphQL query

Summary: payment transactions count of programs exposed Description: payment transactions details can be only accessed by program team members, but there is an flaw, with that, an unauthorized user can get payment transactions count of any program i have confirmed only with public program Steps T...

HackerOne: Team object in GraphQL disclosed of private programs via the industry

Summary: Disclosure of private programs across the industry If the program is private, it will show industriy Steps To Reproduce "query": "query teamhandle:\"█████████\"id,industry" "data":"team":"id":"█████████","industry":"Computer Hardware \u0026 Peripherals" "query": "query...

Authorization Bypass

graphql-shield is vulnerable to authorization bypass. There is a flaw in rule setting for nocache option which uses keys generated from insecure cryptographic functions, allowing an attacker to incorrectly cache rules and access information via key collision...

Authorization Bypass

Overview Versions of graphql-shield prior to 6.0.6 are vulnerable to an Authorization Bypass. The rule caching option nocache relies on keys generated by cryptographically insecure functions, which may cause rules to be incorrectly cached. This allows attackers to access information they should n...

CVE-2019-1020015

graphql-engine aka Hasura GraphQL Engine before 1.0.0-beta.3 mishandles the audience check while verifying JWT...

CVE-2019-1020015

graphql-engine aka Hasura GraphQL Engine before 1.0.0-beta.3 mishandles the audience check while verifying JWT...

Hardcoded credentials

graphql-engine aka Hasura GraphQL Engine before 1.0.0-beta.3 mishandles the audience check while verifying JWT...