
9 matches found

RedhatCVE
added 2026/01/09 8:54 a.m.

CVE-2021-41249

GraphQL Playground is a GraphQL IDE for development of graphQL focused applications. All versions of graphql-playground-react older than [email protected] are vulnerable to compromised HTTP schema introspection responses or schema prop values with malicious GraphQL type names,...

CVSS 7.1, AI score 6.5, EPSS 0.00362
Exploits 0, References 1
CNNVD
added 2025/03/12 12:00 a.m.

GraphQL security vulnerability

GraphQL is an open source, API-oriented data query and manipulation language, with a corresponding runtime, created by GraphQL Open Source. A security vulnerability exists in GraphQL that stems from loading a malicious schema definition, which could lead to remote code execution...

CVSS 9, AI score 9, EPSS 0.01361
Exploits 2, References 10
OSV
added 2024/12/02 5:29 p.m.

GHSA-Q6MV-284R-MP36 check-jsonschema default caching for remote schemas allows for cache confusion

Impact: The default cache strategy uses the basename of a remote schema as the name of the file in the cache, e.g. https://example.org/schema.json will be stored as schema.json. This naming allows for conflicts. If an attacker can get a user to run check-jsonschema against a malicious schema URL,...

CVSS 7.1, AI score 6.8, EPSS 0.0004
Exploits 0, References 4
Github Security Blog
added 2024/12/02 5:29 p.m.

check-jsonschema default caching for remote schemas allows for cache confusion

Impact: The default cache strategy uses the basename of a remote schema as the name of the file in the cache, e.g. https://example.org/schema.json will be stored as schema.json. This naming allows for conflicts. If an attacker can get a user to run check-jsonschema against a malicious schema URL,...

CVSS 7.1, AI score 6.9, EPSS 0.0004
Exploits 0, References 4, Affected Software 1
RedhatCVE
added 2024/12/02 2:25 p.m.

CVE-2024-53848

A flaw was found in check-jsonschema. The default cache strategy uses the basename of a remote schema as the name of the file in the cache, for example, https://example.org/schema.json, which will be stored as schema.json. This naming allows for conflicts. If an attacker can get a user to run...

CVSS 7.1, AI score 6.3, EPSS 0.0004
Exploits 0, References 5
CVE
added 2024/11/29 6:39 p.m.

CVE-2024-53848

CVE-2024-53848 affects the check-jsonschema tool (and is covered by related advisories): the default caching uses the basename of the remote schema URL (e.g., https://example.org/schema.json) as the cache filename. A malicious schema URL with the same basename can therefore overwrite, or be substituted for, a previously cached schema, leading to...

CVSS 7.1, AI score 6.9, EPSS 0.0004
Exploits 0, References 2
NVD
added 2021/11/04 8:15 p.m.

CVE-2021-41249

GraphQL Playground is a GraphQL IDE for development of graphQL focused applications. All versions of graphql-playground-react older than [email protected] are vulnerable to compromised HTTP schema introspection responses or schema prop values with malicious GraphQL type names,...

CVSS 7.1, EPSS 0.00362
Exploits 0, References 3
Prion
added 2021/11/04 8:15 p.m.

Code injection

GraphQL Playground is a GraphQL IDE for development of graphQL focused applications. All versions of graphql-playground-react older than email protected are vulnerable to compromised HTTP schema introspection responses or schema prop values with malicious GraphQL type names, exposing a dynamic XS...

CVSS 2.6, AI score 4.9, EPSS 0.00362
Exploits 0, References 3, Affected Software 1
Snyk
added 2020/09/30 3:20 p.m.

Remote Code Execution (RCE)

Overview: djv is a dynamic JSON Schema validator. Affected versions of this package are vulnerable to Remote Code Execution (RCE). By controlling the schema file, an attacker can run arbitrary JavaScript code on the victim machine. POC: const djv = require('djv'); const env = new djv(); const evilSchema ...

CVSS 10, AI score 7.6, EPSS 0.00473
Exploits 1, References 2