EUVD-2024-0208

Malicious code in bioql PyPI...

PYSEC-2024-171

Strawberry GraphQL is a library for creating GraphQL APIs. Prior to version 0.243.0, multipart file upload support as defined in the GraphQL multipart request specification was enabled by default in all Strawberry HTTP view integrations. This made all Strawberry HTTP view integrations vulnerable ...

CVE-2024-47082

The CVE-2024-47082 entry describes a vulnerability in Strawberry GraphQL where multipart file upload support was enabled by default in HTTP view integrations prior to version 0.243.0, enabling CSRF attacks if CSRF protection was not explicitly enabled. The Django HTTP view integration had a defau...

CVE-2024-47082 Strawberry GraphQL Cross-Site Request Forgery (CSRF) vulnerability

Strawberry GraphQL is a library for creating GraphQL APIs. Prior to version 0.243.0, multipart file upload support as defined in the GraphQL multipart request specification was enabled by default in all Strawberry HTTP view integrations. This made all Strawberry HTTP view integrations vulnerable ...

Strawberry GraphQL 跨站请求伪造漏洞

Strawberry GraphQL is a Python GraphQL library utilizing type annotations in the Strawberry GraphQL open source. A cross-site request forgery vulnerability exists in Strawberry GraphQL versions prior to 0.243.0, which stems from vulnerability to cross-site request forgery CSRF attacks...