Количество 2
Количество 2
CVE-2022-30288
Agoo before 2.14.3 does not reject GraphQL fragment spreads that form cycles, leading to an application crash. NOTE: the vendor has disputed this on the grounds that it is not the server's responsibility to "enforce all the various ways a developer could write code with logic errors.
GHSA-656c-777j-wp92
Agoo through 2.14.2 does not reject GraphQL fragment spreads that form cycles, leading to an application crash.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-30288 Agoo before 2.14.3 does not reject GraphQL fragment spreads that form cycles, leading to an application crash. NOTE: the vendor has disputed this on the grounds that it is not the server's responsibility to "enforce all the various ways a developer could write code with logic errors. | CVSS3: 7.5 | 0% Низкий | почти 4 года назад |
| GHSA-656c-777j-wp92 Agoo through 2.14.2 does not reject GraphQL fragment spreads that form cycles, leading to an application crash. | CVSS3: 7.5 | 0% Низкий | почти 4 года назад |
Уязвимостей на страницу