Vulnerability Database
Blog
FAQ
Docs
GHSA-xq3c-8gqm-v648
Source
https://github.com/advisories/GHSA-xq3c-8gqm-v648
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/07/GHSA-xq3c-8gqm-v648/GHSA-xq3c-8gqm-v648.json
Aliases
RUSTSEC-2022-0037
Related
RUSTSEC-2022-0038
Published
2022-07-29T22:22:27Z
Modified
2023-11-08T04:24:30.352590Z
Details
Impact
Executing deeply nested queries may cause stack overflow.
Patches
Upgrade to
v4.0.6
References
https://github.com/async-graphql/async-graphql/security/advisories/GHSA-xq3c-8gqm-v648
https://github.com/async-graphql/async-graphql/commit/521769b80039fc8043d1c9883e3d6e5b57359072
https://github.com/async-graphql/async-graphql
https://rustsec.org/advisories/RUSTSEC-2022-0037.html
Affected packages
crates.io
/
async-graphql
Package
Name
async-graphql
Affected ranges
Type
SEMVER
Events
Introduced
0
The exact introduced commit is unknown
Fixed
4.0.6
GHSA-xq3c-8gqm-v648 - OSV