PT-2023-22016 · Unknown · Graphql-Java

Dondonz · Published 2023-03-27 · Updated 2023-09-19 · CVE-2023-28867

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

graphql-java versions prior to 20.1
graphql-java versions prior to 19.4
graphql-java versions prior to 18.4
graphql-java versions prior to 17.5

Description

An attacker can send a crafted GraphQL query that causes stack consumption. The issue affects devices running the vulnerable software, but the estimated number of potentially affected devices worldwide is not specified. There is no information provided about real-world incidents where this issue was exploited.

Recommendations

For versions prior to 20.1, update to version 20.1 or later.
For versions prior to 19.4, update to version 19.4 or later.
For versions prior to 18.4, update to version 18.4 or later.
For versions prior to 17.5, update to version 17.5 or later.

Fix

Weakness Enumeration

Allocation of Resources Without Limits

Related Identifiers

CVE-2023-28867
GHSA-P4QX-6W5P-4RJ2

Affected Products

Graphql-Java