Site icon API Security Blog

CVE-2024-50311 Graphql: denial of service (dos) vulnerability via graphql batching

A denial of service (DoS) vulnerability was found in OpenShift. This flaw allows attackers to exploit the GraphQL batching functionality. The vulnerability arises when multiple queries can be sent within a single request, enabling an attacker to submit a request containing thousands of aliases in one query. This issue causes excessive resource consumption, leading to application unavailability for legitimate…Read More

Exit mobile version