Strawberry
by Strawberry
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-47706 | Med | 0.27 | 5.3 | 0.00 | Jun 4, 2026 | Strawberry GraphQL is a library for creating GraphQL APIs. In versions 0.71.0 through 0.315.6, the QueryDepthLimiter extension is vulnerable to an Application-level DOS due to a lack of cycle detection in fragment spreads. When a query contains circular fragment references the… | ||
| CVE-2009-1774 | 0.04 | — | 0.18 | May 22, 2009 | Directory traversal vulnerability in plugins/ddb/foot.php in Strawberry 1.1.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the file parameter to example/index.php. NOTE: this was originally reported as an issue affecting the do… | |||
| CVE-2022-36564 | 0.00 | — | 0.01 | Aug 30, 2022 | Incorrect access control in the install directory (C:\Strawberry) of StrawberryPerl v5.32.1.1 and below allows authenticated attackers to execute arbitrary code via overwriting binaries located in the directory. |
- risk 0.27cvss 5.3epss 0.00
Strawberry GraphQL is a library for creating GraphQL APIs. In versions 0.71.0 through 0.315.6, the QueryDepthLimiter extension is vulnerable to an Application-level DOS due to a lack of cycle detection in fragment spreads. When a query contains circular fragment references the…
- CVE-2009-1774May 22, 2009risk 0.04cvss —epss 0.18
Directory traversal vulnerability in plugins/ddb/foot.php in Strawberry 1.1.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the file parameter to example/index.php. NOTE: this was originally reported as an issue affecting the do…
- CVE-2022-36564Aug 30, 2022risk 0.00cvss —epss 0.01
Incorrect access control in the install directory (C:\Strawberry) of StrawberryPerl v5.32.1.1 and below allows authenticated attackers to execute arbitrary code via overwriting binaries located in the directory.