GHSA-G56X-7J6W-G8R8
Vulnerability from github – Published: 2023-12-18 23:26 – Updated: 2023-12-22 22:26
VLAI?
Summary
Grackle has StackOverflowError in GraphQL query processing
Details
Impact
Prior to this fix, the GraphQL query parsing was vulnerable to StackOverflowErrors. The possibility of small queries resulting in stack overflow is a potential denial of service vulnerability.
This potentially affects all applications using Grackle which have untrusted users.
[!CAUTION]
No specific knowledge of an application's GraphQL schema would be required to construct a pathological query.
Patches
The stack overflow issues have been resolved in the v0.18.0 release of Grackle.
Workarounds
Users could interpose a sanitizing layer in between untrusted input and Grackle query processing.
Severity ?
7.5 (High)
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.typelevel:grackle-core_2.13"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.18.0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.typelevel:grackle-core_3"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.18.0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.typelevel:grackle-core_sjs1_2.13"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.18.0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.typelevel:grackle-core_sjs1_3"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.18.0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.typelevel:grackle-core_native0.4_2.13"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.18.0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.typelevel:grackle-core_native0.4_3"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.18.0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "edu.gemini:gsp-graphql-core_2.13"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "0.14.0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "edu.gemini:gsp-graphql-core_3"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "0.14.0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "edu.gemini:gsp-graphql-core_sjs1_2.13"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "0.14.0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "edu.gemini:gsp-graphql-core_sjs1_3"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "0.14.0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "edu.gemini:gsp-graphql-core_native0.4_2.13"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "0.14.0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "edu.gemini:gsp-graphql-core_native0.4_3"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "0.14.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-50730"
],
"database_specific": {
"cwe_ids": [
"CWE-400"
],
"github_reviewed": true,
"github_reviewed_at": "2023-12-18T23:26:52Z",
"nvd_published_at": "2023-12-22T21:15:07Z",
"severity": "HIGH"
},
"details": "### Impact\n\nPrior to this fix, the GraphQL query parsing was vulnerable to `StackOverflowError`s. The possibility of small queries resulting in stack overflow is a potential denial of service vulnerability.\n\nThis potentially affects all applications using Grackle which have untrusted users.\n\n\u003e [!CAUTION] \n\u003e **No specific knowledge of an application\u0027s GraphQL schema would be required to construct a pathological query.**\n\n### Patches\nThe stack overflow issues have been resolved in the v0.18.0 release of Grackle.\n\n### Workarounds\nUsers could interpose a sanitizing layer in between untrusted input and Grackle query processing.\n",
"id": "GHSA-g56x-7j6w-g8r8",
"modified": "2023-12-22T22:26:24Z",
"published": "2023-12-18T23:26:52Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/typelevel/grackle/security/advisories/GHSA-g56x-7j6w-g8r8"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-50730"
},
{
"type": "WEB",
"url": "https://github.com/typelevel/grackle/commit/56e244b91659cf385df590fc6c46695b6f36cbfd"
},
{
"type": "PACKAGE",
"url": "https://github.com/typelevel/grackle"
},
{
"type": "WEB",
"url": "https://github.com/typelevel/grackle/releases/tag/v0.18.0"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "Grackle has StackOverflowError in GraphQL query processing"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…