Unknown · Graphql-Java · CVE-2022-37734
**Name of the Vulnerable Software and Affected Versions**
graphql-java versions prior to 19.0
graphql-java version 18.3
graphql-java version 17.4
**Description**
An attacker can send a malicious GraphQL query that consumes CPU resources, leading to a denial of service. The query is crafted so that `graphql-java` exhausts the system's resources while handling it.
**Recommendations**
For versions prior to 19.0, update to version 19.0 or later.
For version 18.3, no additional action is required as it is a fixed version.
For version 17.4, no additional action is required as it is a fixed version.
As a temporary workaround, consider restricting which GraphQL queries the service accepts, so that malicious queries are rejected, to minimize the risk of exploitation.
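
The version guidance above can be checked against a build's dependency listing. The following is an added example, not code from the advisory or from graphql-java: it scans Maven `dependency:list` or Gradle `dependencies` style lines and classifies each graphql-java version. The sample listing is constructed, and treating later patch releases on the 17.x and 18.x lines as fixed is an assumption.

```python
import re

# Fixed releases named in the advisory: 19.0 and the 18.3 / 17.4 backports.
FIXED_MAINLINE = (19, 0)
FIXED_BACKPORTS = {18: (18, 3), 17: (17, 4)}

# Matches Maven (group:artifact:jar:version:scope) and Gradle (group:artifact:version).
COORD = re.compile(r"com\.graphql-java:graphql-java:(?:jar:)?([0-9A-Za-z.\-]+)")

def parse_version(text):
    """Return a tuple of ints for plain numeric versions, else None."""
    if not re.fullmatch(r"\d+(\.\d+)*", text):
        return None
    parts = tuple(int(p) for p in text.split("."))
    return parts + (0,) * (2 - len(parts))  # "19" compares as 19.0

def classify(version_text):
    """'fixed', 'affected', or 'unknown' for one graphql-java version string."""
    v = parse_version(version_text)
    if v is None:
        return "unknown"  # snapshots or date-stamped builds: review by hand
    if v >= FIXED_MAINLINE:
        return "fixed"
    backport = FIXED_BACKPORTS.get(v[0])
    # Assumption: later patch releases on a backport line keep the fix.
    if backport is not None and v >= backport:
        return "fixed"
    return "affected"

def audit(dependency_listing):
    """Return [(version, status)] for every graphql-java coordinate found."""
    return [(m.group(1), classify(m.group(1)))
            for m in COORD.finditer(dependency_listing)]

# Constructed sample input (not from a real project).
SAMPLE = """\
[INFO]    com.graphql-java:graphql-java:jar:18.2:compile
[INFO]    com.graphql-java:graphql-java:jar:17.4:compile
+--- com.graphql-java:graphql-java:19.0
+--- com.graphql-java:graphql-java:16.2
+--- com.graphql-java:graphql-java:0.0.0-2022-07-26T05-45-04-226aabd9
[INFO]    org.slf4j:slf4j-api:jar:1.7.36:compile
"""

if __name__ == "__main__":
    for version, status in audit(SAMPLE):
        print(f"graphql-java {version}: {status}")
```

Versions reported as `unknown` are not numeric releases and need a manual check against the advisory.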