Vulnerabilities > CVE-2022-37734 - Unspecified vulnerability in Graphql-Java Project Graphql-Java
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
graphql-java before19.0 is vulnerable to Denial of Service. An attacker can send a malicious GraphQL query that consumes CPU resources. The fixed versions are 19.0 and later, 18.3, and 17.4, and 0.0.0-2022-07-26T05-45-04-226aabd9.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
References
- https://github.com/graphql-java/graphql-java/discussions/2958
- https://github.com/graphql-java/graphql-java/issues/2888
- https://github.com/graphql-java/graphql-java/pull/2892
- https://github.com/graphql-java/graphql-java/releases
- https://github.com/graphql-java/graphql-java/discussions/2958
- https://github.com/graphql-java/graphql-java/releases
- https://github.com/graphql-java/graphql-java/pull/2892
- https://github.com/graphql-java/graphql-java/issues/2888