Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-hv3w-m4g2-5x77
  • PyPI/strawberry-graphql
 strawberry-graphql: Denial of Service via unbounded WebSocket subscriptions 06 Apr
  • Fix available
  • Severity - 7.5 (High)
GHSA-vpwc-v33q-mq89
  • PyPI/strawberry-graphql
 strawberry-graphql: Authentication bypass via legacy graphql-ws WebSocket subprotocol 06 Apr
  • Fix available
  • Severity - 7.5 (High)
GHSA-5xh2-23cc-5jc6
  • PyPI/strawberry-graphql
 Strawberry GraphQL has type resolution vulnerability in node interface that allows potential data leakage through incorrect type resolution 09 Jan 2025
  • Fix available
  • Severity - 3.7 (Low)
GHSA-79gp-q4wv-33fr
  • PyPI/strawberry-graphql
 Cross-Site Request Forgery (CSRF) in strawberry-graphql 25 Sep 2024
  • Fix available
  • Severity - 4.8 (Medium)
PYSEC-2024-171
  • PyPI/strawberry-graphql
  • github.com/strawberry-graphql/strawberry
 See record for full details 25 Sep 2024
  • Fix available
  • Severity - 8.0 (High)