CVE-2022-37734

Uncontrolled Resource Consumption in maven/com.graphql-java/graphql-java

Identifiers

CVE-2022-37734

Package Slug

maven/com.graphql-java/graphql-java

Vulnerability

Uncontrolled Resource Consumption

Description

graphql-java before19.0 is vulnerable to Denial of Service. An attacker can send a malicious GraphQL query that consumes CPU resources. The fixed versions are 19.0 and later, 18.3, and 17.4.

Affected Versions

All versions before 17.4, all versions starting from 18.0 before 18.3

Solution

Upgrade to versions 17.4, 18.3 or above.

Last Modified

2022-09-15

source