OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-02-13 21:18:11 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
81e6e5a8e10a63de5642f7b6d149c5dfd5512ea8
advisory-db/crates/juniper/RUSTSEC-2022-0038.md
github-actions[bot] ec93834e77 Assigned RUSTSEC-2022-0037 to async-graphql, RUSTSEC-2022-0038 to juniper (#1298) 
Co-authored-by: pinkforest <pinkforest@users.noreply.github.com>
2022-08-03 03:59:55 +10:00

532 B
Raw Blame History 

[advisory]
id = "RUSTSEC-2022-0038"
package = "juniper"
date = "2022-07-28"
url = "https://github.com/graphql-rust/juniper/security/advisories/GHSA-4rx6-g5vg-5f3j"
categories = ["denial-of-service"]
cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
aliases = ["GHSA-4rx6-g5vg-5f3j", "CVE-2022-31173"]
related = ["GHSA-xq3c-8gqm-v648"]

[versions]
patched = [">= 0.15.10"]

Denial of service on deeply nested fragment requests

Deeply nested fragments in a GraphQL request may cause a stack overflow in the server.