Unrated severity · NVD Advisory · Published Oct 22, 2024 · Updated Nov 11, 2025
GraphQL: information disclosure via GraphQL introspection in OpenShift
CVE-2024-50312
Description
A vulnerability was found in GraphQL due to improper access controls on the GraphQL introspection query. This flaw allows unauthorized users to retrieve a comprehensive list of available queries and mutations. Exposure to this flaw increases the attack surface, as it can facilitate the discovery of flaws or errors specific to the application's GraphQL implementation.
Affected products
- cpe:/a:redhat:openshift:4.16::el9, range: v4.16.0-202501080105.p0.g6fe3e8b.assembly.stream.el9
- cpe:/a:redhat:openshift:4.17::el9, range: v4.17.0-202501080135.p0.gedbd12e.assembly.stream.el9
- osv-coords, 6 versions:
  - pkg:rpm/opensuse/govulncheck-vulndb&distro=openSUSE%20Leap%2015.5
  - pkg:rpm/opensuse/govulncheck-vulndb&distro=openSUSE%20Leap%2015.6
  - pkg:rpm/opensuse/govulncheck-vulndb&distro=openSUSE%20Tumbleweed
  - pkg:rpm/suse/govulncheck-vulndb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP5
  - pkg:rpm/suse/govulncheck-vulndb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP6
  - pkg:rpm/suse/govulncheck-vulndb&distro=SUSE%20Package%20Hub%2012
- (no CPE) range: < 0.0.20241030T212825-150000.1.9.1
- (no CPE) range: < 0.0.20241030T212825-150000.1.9.1
- (no CPE) range: < 0.0.20241030T212825-1.1
- (no CPE) range: < 0.0.20241030T212825-150000.1.9.1
- (no CPE) range: < 0.0.20241030T212825-150000.1.9.1
- (no CPE) range: < 0.0.20241104T154416-5.1
References
- access.redhat.com/errata/RHSA-2025:0115 (mitre, vendor-advisory, x_refsource_REDHAT)
- access.redhat.com/errata/RHSA-2025:0140 (mitre, vendor-advisory, x_refsource_REDHAT)
- access.redhat.com/security/cve/CVE-2024-50312 (mitre, vdb-entry, x_refsource_REDHAT)
- bugzilla.redhat.com/show_bug.cgi (mitre, issue-tracking, x_refsource_REDHAT)
- github.com/openshift/console/pull/14409/files (mitre)