CVE-2022-30288

** DISPUTED ** Agoo before 2.14.3 does not reject GraphQL fragment spreads that form cycles, leading to an application crash. NOTE: the vendor has disputed this on the grounds that it is not the server's responsibility to "enforce all the various ways a developer could write code with logic errors."
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:ohler:agoo:*:*:*:*:*:ruby:*:*

Information

Published : 2022-05-04 16:15

Updated : 2022-05-13 07:47


NVD link : CVE-2022-30288

Mitre link : CVE-2022-30288


JSON object : View

Advertisement

dedicated server usa

Products Affected

ohler

  • agoo