OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-01-06 19:49:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
3338fcfb59cea5fcd7d2a4e7fe24cbc7cb778003
advisory-db/crates/async-graphql/RUSTSEC-2022-0037.md
pinkforest(she/her) 3b3160baec Fix async-graphql patched (#1326)
2022-08-06 16:41:24 +10:00

533 B
Raw Blame History 

[advisory]
id = "RUSTSEC-2022-0037"
package = "async-graphql"
date = "2022-07-21"
url = "https://github.com/async-graphql/async-graphql/commit/521769b80039fc8043d1c9883e3d6e5b57359072"
categories = ["denial-of-service"]
cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
aliases = ["GHSA-xq3c-8gqm-v648"]
related = ["GHSA-4rx6-g5vg-5f3j"]

[versions]
patched = [">= 4.0.6"]

Denial of service on deeply nested fragment requests

Deeply nested fragments in a GraphQL request may cause a stack overflow in the server.