Security Advisory

CVE-2024-40094

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-07-30 00:00:00
Last updated 2024-11-20 20:13:40
Assigner mitre
State PUBLISHED

Description

GraphQL Java (aka graphql-java) before 21.5 does not properly consider ExecutableNormalizedFields (ENFs) as part of preventing denial of service via introspection queries. 20.9 and 19.11 are also fixed versions.