Security Advisory

CVE-2022-30288

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-05-04 22:31:33

Last updated 2024-08-22 14:47:12

Assigner mitre

State PUBLISHED

Description

Agoo before 2.14.3 does not reject GraphQL fragment spreads that form cycles, leading to an application crash. NOTE: the vendor has disputed this on the grounds that it is not the servers responsibility to "enforce all the various ways a developer could write code with logic errors.

← Browse all CVEs View on cve.org ↗