GraphQL - CVE CyberSecurity Database News

Mar 12, 2025 Exploit GraphQL

CVE-2025-27407: Remote Code Execution in GraphQL-Ruby Prior to Versions 1.11.8, 1.12.25, 1.13.24, 2..32, 2.1.14, 2.2.17, and 2.3.21

GraphQL-Ruby is a widely-used Ruby implementation of the query language GraphQL. It provides a simple, expressive and efficient way to build APIs. However, if you&

Feb 20, 2025 GraphQL

CVE-2025-27098: Missing Check Vulnerability in GraphQL Mesh's Static File Handler

GraphQL Mesh is a popular and flexible gateway that allows developers to integrate multiple APIs and services seamlessly. However, a missing check vulnerability in its

Feb 20, 2025 Exploit GraphQL gRPC OAuth

CVE-2025-27097 - GraphQL Mesh Security Vulnerability: Potential Memory Leak and Token Reuse

GraphQL Mesh is a widely-used GraphQL Federation framework and gateway that is designed to work seamlessly with various subgraphs, non-GraphQL services, and databases such as

Dec 16, 2024 Exploit GraphQL

CVE-2024-8116: Critical Vulnerability in GitLab CE/EE Allows Unauthorized Retrieval of Branch Names Using GraphQL Query

A critical vulnerability (CVE-2024-8116) has been discovered in GitLab, a popular web-based DevOps platform that streamlines software development, affecting both the Community Edition (CE) and

Dec 12, 2024 Exploit GraphQL

CVE-2024-12292 - Sensitive Information Leakage in GitLab CE/EE due to GraphQL Mutation Logging Vulnerability

A security vulnerability has been discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) which affects all versions starting from 11. prior to 17.