Количество 2
Количество 2
CVE-2021-43801
Mercurius is a GraphQL adapter for Fastify. Any users from Mercurius@8.10.0 to 8.11.1 are subjected to a denial of service attack by sending a malformed JSON to `/graphql` unless they are using a custom error handler. The vulnerability has been fixed in https://github.com/mercurius-js/mercurius/pull/678 and shipped as v8.11.2. As a workaround users may use a custom error handler.
GHSA-273r-rm8g-7f3x
Uncaught Exception in mercurius
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2021-43801 Mercurius is a GraphQL adapter for Fastify. Any users from Mercurius@8.10.0 to 8.11.1 are subjected to a denial of service attack by sending a malformed JSON to `/graphql` unless they are using a custom error handler. The vulnerability has been fixed in https://github.com/mercurius-js/mercurius/pull/678 and shipped as v8.11.2. As a workaround users may use a custom error handler. | CVSS3: 7.5 | 0% Низкий | почти 4 года назад |
| GHSA-273r-rm8g-7f3x Uncaught Exception in mercurius | CVSS3: 7.5 | 0% Низкий | почти 4 года назад |
Уязвимостей на страницу