CVE-2023-38976

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2023-38976

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-38976.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-38976

Aliases

Related

CGA-wphh-9rvv-rpgj

Published

2023-08-21T17:15:48.127Z

Modified

2026-03-14T12:13:52.140965Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

An issue in weaviate v.1.20.0 allows a remote attacker to cause a denial of service via the handleUnbatchedGraphQLRequest function.

References

Affected packages

Git / github.com/weaviate/weaviate

Affected ranges

Type

GIT

Repo

https://github.com/weaviate/weaviate

Events

Introduced

Last affected

5ea51682b1a3a6d6299e72f1bac9d1a539e40679

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.20.0"
        }
    ]
}

Affected versions

0.*

0.0.0

0.13.0

0.13.1

0.14.0

0.14.1

0.14.2

0.14.3

0.14.4

0.14.5

0.14.6

0.15.0

0.16.0

0.16.1

0.16.2

0.17.0

0.17.1

0.18.0

0.18.1

0.19.0

0.19.1

0.19.2

0.19.3

0.19.4

0.20.0

0.20.0-rc0

0.20.1

0.20.2

0.20.3

0.20.4

0.21.0

0.21.1

0.21.10

0.21.11

0.21.12

0.21.2

0.21.3

0.21.4

0.21.5

0.21.6

0.21.7

0.21.8

0.21.9

0.22.0

0.22.1

0.22.10

0.22.11

0.22.12

0.22.13

0.22.14

0.22.15

0.22.17

0.22.18

0.22.19

0.22.2

0.22.20

0.22.3

0.22.4

0.22.5

0.22.6

0.22.8

0.22.9

0.23.0

0.23.1

0.23.2

0.7.0

0.8.5

0.8.6

1.*

1.0.0-rc0

1.0.0-rc1

1.0.0-rc2

1.0.0-rc3

1.0.0-rc4

v0.*

v0.22.18

v0.22.19

v0.22.20

v1.*

v1.0.0

v1.0.1

v1.0.2

v1.0.3

v1.0.4

v1.1.0

v1.10.0

v1.10.1

v1.11.0

v1.12.0

v1.12.1

v1.12.2

v1.13.0

v1.13.1

v1.13.2

v1.14.0

v1.14.1

v1.15.0

v1.15.0-alpha1

v1.15.1

v1.15.2

v1.15.3

v1.15.4

v1.15.5

v1.16.0

v1.16.1

v1.16.2

v1.16.3

v1.16.4

v1.16.5

v1.16.6

v1.16.7

v1.16.8

v1.16.9

v1.17.0

v1.17.1

v1.17.2

v1.17.2-rc.0

v1.17.3

v1.17.4

v1.17.5

v1.18.0

v1.18.0-alpha.0

v1.18.0-alpha.1

v1.18.0-rc.0

v1.18.0-rc.1

v1.18.1

v1.18.2

v1.18.3

v1.18.4

v1.19.0

v1.19.0-beta.0

v1.19.0-beta.1

v1.19.1

v1.19.10

v1.19.11

v1.19.12

v1.19.2

v1.19.3

v1.19.4

v1.19.5

v1.19.6

v1.19.7

v1.19.8

v1.19.9

v1.2.0

v1.2.1

v1.20.0

v1.3.0

v1.4.0

v1.4.0-rc.0

v1.4.0-rc.1

v1.4.0-rc.2

v1.4.0-rc.3

v1.4.0-rc.4

v1.4.1

v1.5.0

v1.5.0-rc.0

v1.5.0-rc.1

v1.5.0-rc.2

v1.5.0-rc.3

v1.5.1

v1.5.2

v1.6.0

v1.7.0

v1.7.1

v1.7.2

v1.8.0

v1.8.0-rc.0

v1.8.0-rc.1

v1.8.0-rc.2

v1.8.0-rc.3

v1.9.0

v1.9.0-rc.0

v1.9.1

v1.9.1-rc.0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-38976.json"