Graphql-go Project Graphql-go — known CVE vulnerabilities
Every CVE whose affected-product data names Graphql-go Project Graphql-go, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2022-37315 — CVSS 7.5 (high): graphql-go (aka GraphQL for Go) through 0.8.0 has infinite recursion in the type definition parser.
CVE-2022-21708 — CVSS 6.5 (medium): graphql-go is a GraphQL server with a focus on ease of use. In versions prior to 1.3.0 there exists a DoS vulnerability that is possible…