VYPR

Strawberry

by Strawberry

CVEs (3)

  • CVE-2026-47706MedJun 4, 2026
    risk 0.27cvss 5.3epss 0.00

    Strawberry GraphQL is a library for creating GraphQL APIs. In versions 0.71.0 through 0.315.6, the QueryDepthLimiter extension is vulnerable to an Application-level DOS due to a lack of cycle detection in fragment spreads. When a query contains circular fragment references the…

  • CVE-2009-1774May 22, 2009
    risk 0.04cvss epss 0.18

    Directory traversal vulnerability in plugins/ddb/foot.php in Strawberry 1.1.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the file parameter to example/index.php. NOTE: this was originally reported as an issue affecting the do…

  • CVE-2022-36564Aug 30, 2022
    risk 0.00cvss epss 0.01

    Incorrect access control in the install directory (C:\Strawberry) of StrawberryPerl v5.32.1.1 and below allows authenticated attackers to execute arbitrary code via overwriting binaries located in the directory.