Name of the Vulnerable Software and Affected Versions graphql-shield versions prior to 6.0.6

Description The issue concerns an Authorization Bypass in the graphql-shield library. It is caused by the rule caching option no cache relying on keys generated by cryptographically insecure functions, potentially leading to incorrect caching of rules. This can result in attackers accessing information they should not have access to in the event of a key collision.

Recommendations Upgrade to version 6.0.6 or later.