High severityNVD Advisory· Published Aug 1, 2022· Updated Aug 3, 2024
CVE-2022-37315
CVE-2022-37315
Description
graphql-go (aka GraphQL for Go) through 0.8.0 has infinite recursion in the type definition parser.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/graphql-go/graphqlGo | < 0.8.1 | 0.8.1 |
Affected products
2- graphql-go/graphql-godescription
Patches
Vulnerability mechanics
References
6- github.com/advisories/GHSA-h3qm-jrrf-cgj3ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2022-37315ghsaADVISORY
- github.com/graphql-go/graphql/issues/637ghsax_refsource_MISCWEB
- github.com/graphql-go/graphql/pull/642ghsaWEB
- github.com/graphql-go/graphql/pull/642/commits/4188bd5b3877f7badb951b421cf66e0af2eacb22ghsaWEB
- pkg.go.dev/vuln/GO-2022-0942ghsaWEB
News mentions
0No linked articles in our index yet.