CVE-2023-38976

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2023-38976

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-38976.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-38976

Aliases

Related

CGA-66vr-33vf-pw3m

Published

2023-08-21T17:15:48.127Z

Modified

2025-11-20T12:19:11.042452Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

An issue in weaviate v.1.20.0 allows a remote attacker to cause a denial of service via the handleUnbatchedGraphQLRequest function.

References

Affected packages

Git / github.com/weaviate/weaviate

Affected ranges

Type: GIT
Repo: https://github.com/weaviate/weaviate
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

5ea51682b1a3a6d6299e72f1bac9d1a539e40679

Affected versions

0.*

0.0.0

0.13.0

0.13.1

0.14.0

0.14.1

0.14.2

0.14.3

0.14.4

0.14.5

0.14.6

0.15.0

0.16.0

0.16.1

0.16.2

0.17.0

0.17.1

0.18.0

0.18.1

0.19.0

0.19.1

0.19.2

0.19.3

0.19.4

0.20.0

0.20.0-rc0

0.20.1

0.20.2

0.20.3

0.20.4

0.21.0

0.21.1

0.21.10

0.21.11

0.21.12

0.21.2

0.21.3

0.21.4

0.21.5

0.21.6

0.21.7

0.21.8

0.21.9

0.22.0

0.22.1

0.22.10

0.22.11

0.22.12

0.22.13

0.22.14

0.22.15

0.22.17

0.22.18

0.22.19

0.22.2

0.22.20

0.22.3

0.22.4

0.22.5

0.22.6

0.22.8

0.22.9

0.23.0

0.23.1

0.23.2

0.7.0

0.8.5

0.8.6

1.*

1.0.0-rc0

1.0.0-rc1

1.0.0-rc2

1.0.0-rc3

1.0.0-rc4

v0.*

v0.22.18

v0.22.19

v0.22.20

v1.*

v1.0.0

v1.0.1

v1.0.2

v1.0.3

v1.0.4

v1.1.0

v1.10.0

v1.10.1

v1.11.0

v1.12.0

v1.12.1

v1.12.2

v1.13.0

v1.13.1

v1.13.2

v1.14.0

v1.14.1

v1.15.0

v1.15.0-alpha1

v1.15.1

v1.15.2

v1.15.3

v1.15.4

v1.15.5

v1.16.0

v1.16.1

v1.16.2

v1.16.3

v1.16.4

v1.16.5

v1.16.6

v1.16.7

v1.16.8

v1.16.9

v1.17.0

v1.17.1

v1.17.2

v1.17.2-rc.0

v1.17.3

v1.17.4

v1.17.5

v1.18.0

v1.18.0-alpha.0

v1.18.0-alpha.1

v1.18.0-rc.0

v1.18.0-rc.1

v1.18.1

v1.18.2

v1.18.3

v1.18.4

v1.19.0

v1.19.0-beta.0

v1.19.0-beta.1

v1.19.1

v1.19.10

v1.19.11

v1.19.12

v1.19.2

v1.19.3

v1.19.4

v1.19.5

v1.19.6

v1.19.7

v1.19.8

v1.19.9

v1.2.0

v1.2.1

v1.20.0

v1.3.0

v1.4.0

v1.4.0-rc.0

v1.4.0-rc.1

v1.4.0-rc.2

v1.4.0-rc.3

v1.4.0-rc.4

v1.4.1

v1.5.0

v1.5.0-rc.0

v1.5.0-rc.1

v1.5.0-rc.2

v1.5.0-rc.3

v1.5.1

v1.5.2

v1.6.0

v1.7.0

v1.7.1

v1.7.2

v1.8.0

v1.8.0-rc.0

v1.8.0-rc.1

v1.8.0-rc.2

v1.8.0-rc.3

v1.9.0

v1.9.0-rc.0

v1.9.1

v1.9.1-rc.0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-38976.json"