A flaw was found in the graphql package. Affected versions of this package are vulnerable to Denial of Service (DoS) due to insufficient checks in the OverlappingFieldsCanBeMergedRule.ts file when par ...
Continue Reading
December 15, 2023
Geth (aka go-ethereum) through 1.13.4, when --http --graphql is used, allows remote attackers to cause a denial of service (memory consumption and daemon hang) via a crafted GraphQL query. NOTE: the v ...
Continue Reading
December 15, 2023
graphql is vulnerable to Denial Of Service. The vulnerability is due to an insufficient check/comparison between `node1` and `node2` in the `OverlappingFieldsCanBeMergedRule.ts` file. This can result ...
Continue Reading
December 15, 2023
Geth (aka go-ethereum) through 1.13.4, when --http --graphql is used, allows remote attackers to cause a denial of service (memory consumption and daemon hang) via a crafted GraphQL query. NOTE: the v ...
Continue Reading
December 15, 2023
Imperva named an Overall Leader We're thrilled to share that Imperva has achieved the prestigious status of Overall Leader in the KuppingerCole Leadership Compass: API Security and Management rep ...
Continue Reading
December 15, 2023
org.springframework.graphql:spring-graphql is vulnerable to Information Disclosure. The vulnerability is due to an issue where an application provides a `DataLoaderOptions` instance when registering b ...
Continue Reading
December 15, 2023
Geth (aka go-ethereum) through 1.13.4, when `--http --graphql` is used, allows remote attackers to cause a denial of service (memory consumption and daemon hang) via a crafted GraphQL query. NOTE: the ...
Continue Reading
December 15, 2023
A flaw was found in Quarkus. This issue occurs when receiving a request over websocket with no role-based permission specified on the GraphQL operation, Quarkus processes the request without authentic ...
Continue Reading
December 15, 2023
Back to Main
