Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv3

CVE-2022-37734

Published: 12/09/2022 Updated: 08/08/2023
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 0
Subscribe to Graphql-java Project

Vulnerability Summary

graphql-java before19.0 is vulnerable to Denial of Service. An attacker can send a malicious GraphQL query that consumes CPU resources. The fixed versions are 19.0 and later, 18.3, and 17.4, and 0.0.0-2022-07-26T05-45-04-226aabd9.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

graphql-java project graphql-java

Vendor Advisories

Red Hat: Important: Red Hat build of Eclipse Vert.x 4.3.3 security update
Synopsis Important: Red Hat build of Eclipse Vertx 433 security update Type/Severity Security Advisory: Important Topic An update is now available for Red Hat build of Eclipse VertxRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, which gives ...
Red Hat: Important: Red Hat build of Quarkus 2.13.5 release and security update
Synopsis Important: Red Hat build of Quarkus 2135 release and security update Type/Severity Security Advisory: Important Topic An update is now available for Red Hat build of Quarkus Red Hat ProductSecurity has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, which gives a ...
Red Hat: Important: Service Registry (container images) release and security update [2.3.0.GA]
Synopsis Important: Service Registry (container images) release and security update [230GA] Type/Severity Security Advisory: Important Topic An update to the images for Red Hat Integration Service Registry is now available from the Red Hat Container Catalog The purpose of this text-only errata is to inform you about the security issues fi ...
Red Hat:
graphql-java before190 is vulnerable to Denial of Service An attacker can send a malicious GraphQL query that consumes CPU resources The fixed versions are 190 and later, 183, and 174 ...

References

NVD-CWE-Otherhttps://github.com/graphql-java/graphql-java/pull/2892https://github.com/graphql-java/graphql-java/issues/2888https://github.com/graphql-java/graphql-java/discussions/2958https://github.com/graphql-java/graphql-java/releaseshttps://access.redhat.com/errata/RHSA-2022:6757https://nvd.nist.govhttps://access.redhat.com/security/cve/cve-2022-37734
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3400CVE-2023-7252CVE-2024-21111denial of serviceCVE-2024-29661CVE-2024-22856remote attackersencryptionCVE-2023-38299
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook