Lucene search
K

8 matches found

Veracode
Veracode
added 2023/09/21 9:53 a.m.24 views

Denial Of Service

graphql is vulnerable to Denial Of Service. The vulnerability is due to an insufficient check/comparison between node1 and node2 in the OverlappingFieldsCanBeMergedRule.ts file. This can result in a degradation of system performance when processing large queries...

5.3CVSS6.7AI score0.01198EPSS
Exploits1References6Affected Software1
RedhatCVE
RedhatCVE
added 2023/09/21 4:54 a.m.30 views

CVE-2023-26144

A flaw was found in the graphql package. Affected versions of this package are vulnerable to Denial of Service DoS due to insufficient checks in the OverlappingFieldsCanBeMergedRule.ts file when parsing large queries. This issue may allow an attacker to degrade system performance...

5.3CVSS6.8AI score0.01198EPSS
Exploits1References8
Github Security Blog
Github Security Blog
added 2023/09/20 6:30 a.m.66 views

graphql Uncontrolled Resource Consumption vulnerability

Versions of the package graphql from 16.3.0 and before 16.8.1 are vulnerable to Denial of Service DoS due to insufficient checks in the OverlappingFieldsCanBeMergedRule.ts file when parsing large queries. This vulnerability allows an attacker to degrade system performance. Note: It was not proven...

5.3CVSS6.7AI score0.01198EPSS
Exploits1References7Affected Software1
Prion
Prion
added 2023/09/20 5:15 a.m.19 views

Input validation

Versions of the package graphql from 16.3.0 and before 16.8.1 are vulnerable to Denial of Service DoS due to insufficient checks in the OverlappingFieldsCanBeMergedRule.ts file when parsing large queries. This vulnerability allows an attacker to degrade system performance. Note: It was not proven...

5CVSS5.4AI score0.01198EPSS
Exploits1References5Affected Software1
UbuntuCve
UbuntuCve
added 2023/09/20 5:15 a.m.32 views

CVE-2023-26144

Versions of the package graphql from 16.3.0 and before 16.8.1 are vulnerable to Denial of Service DoS due to insufficient checks in the OverlappingFieldsCanBeMergedRule.ts file when parsing large queries. This vulnerability allows an attacker to degrade system performance. Note: It was not proven...

5.3CVSS6.4AI score0.01198EPSS
Exploits1References6
Cvelist
Cvelist
added 2023/09/20 5:0 a.m.40 views

CVE-2023-26144

Versions of the package graphql from 16.3.0 and before 16.8.1 are vulnerable to Denial of Service DoS due to insufficient checks in the OverlappingFieldsCanBeMergedRule.ts file when parsing large queries. This vulnerability allows an attacker to degrade system performance. Note: It was not proven...

5.3CVSS5.4AI score0.01198EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2023/09/20 5:0 a.m.18 views

CVE-2023-26144

Versions of the package graphql from 16.3.0 and before 16.8.1 are vulnerable to Denial of Service DoS due to insufficient checks in the OverlappingFieldsCanBeMergedRule.ts file when parsing large queries. This vulnerability allows an attacker to degrade system performance. Note: It was not proven...

5.3CVSS6.5AI score0.01198EPSS
Exploits1References5
Debian CVE
Debian CVE
added 2023/09/20 5:0 a.m.21 views

CVE-2023-26144

Versions of the package graphql from 16.3.0 and before 16.8.1 are vulnerable to Denial of Service DoS due to insufficient checks in the OverlappingFieldsCanBeMergedRule.ts file when parsing large queries. This vulnerability allows an attacker to degrade system performance. Note: It was not proven...

5.3CVSS5.6AI score0.01198EPSS
Exploits1
Rows per page
Query Builder