Headline

GHSA-2hmf-46v7-v6fx: gqlparser denial of service vulnerability via the parserDirectives function

An issue in vektah gqlparser open-source-library v.2.5.10 allows a remote attacker to cause a denial of service via a crafted script to the parserDirectives function.

5 months ago

ghsa

Open in Source

#vulnerability #dos #git

Navigation Menu

- Actions
  
  Automate any workflow
- Packages
  
  Host and manage packages
- Security
  
  Find and fix vulnerabilities
- Codespaces
  
  Instant dev environments
- GitHub Copilot
  
  Write better code with AI
- Code review
  
  Manage code changes
- Issues
  
  Plan and track work
- Discussions
  
  Collaborate outside of code

- GitHub Sponsors
  
  Fund open source developers

*   The ReadME Project
    
    GitHub community articles

- Enterprise platform
  
  AI-powered developer platform

Pricing

Provide feedback

Saved searches****Use saved searches to filter your results more quickly

GitHub Advisory Database
GitHub Reviewed
CVE-2023-49559

gqlparser denial of service vulnerability via the parserDirectives function

Moderate severity GitHub Reviewed Published Jun 12, 2024 to the GitHub Advisory Database • Updated Jun 12, 2024

Package

gomod github.com/vektah/gqlparser (Go)

Affected versions

< 2.5.14

gomod github.com/vektah/gqlparser/v2 (Go)

Description

Published to the GitHub Advisory Database

Jun 12, 2024

Last updated

Jun 12, 2024

ghsa: Latest News

GHSA-j3px-q95c-9683: zlib-rs stack overflow during decompression with malicious input

3 hours ago

ghsa

GHSA-p2h2-3vg9-4p87: Connecting to a malicious Codespaces via GH CLI could allow command execution on the user's computer

4 hours ago

ghsa

GHSA-hff8-hjwv-j9q7: Remote Code Execution on click of <a> Link in markdown preview

4 hours ago

ghsa

GHSA-rp9h-rf7g-hwgr: s2n-tls has undefined behavior at process exit

6 hours ago

ghsa

GHSA-4277-m35q-7c9w: Salt preflight script could be attacker controlled

15 hours ago

ghsa