Product
A denial-of-service vulnerability exists in the Absinthe GraphQL library (versions 1.2.0 to 1.10.1), where an unauthenticated attacker can exhaust server resources by submitting a crafted GraphQL query with a large number of fragment definitions due to the quadratic complexity of fragment name uniqueness validation.