Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
async-graphql vulnerable to Directive Overload
Vulnerability Description
async-graphql is a GraphQL server library implemented in Rust. async-graphql before 7.0.10 does not limit the number of directives for a field. This can lead to Service Disruption, Resource Exhaustion, and User Experience Degradation. This vulnerability is fixed in 7.0.10.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
不加限制或调节的资源分配
Vulnerability Title
async-graphql 安全漏洞
Vulnerability Description
async-graphql是async-graphql开源的一个完全符合规范的高性能 graphql 服务器库。 async-graphql 7.0.10之前版本存在安全漏洞,该漏洞源于不限制字段的指令数量,可能导致服务中断、资源耗尽和用户体验下降。
CVSS Information
N/A
Vulnerability Type
N/A