Vendor

Webonyx

1 brief RSS

graphql-php OverlappingFieldsCanBeMerged Quadratic Complexity Vulnerability

The `OverlappingFieldsCanBeMerged` validation rule in `webonyx/graphql-php` has an `O(n^2 x m^2)` worst-case complexity due to flattened inline fragments, leading to potential resource exhaustion.

graphql-php graphql php resource-exhaustion vulnerability

2r 1t 1c 2h ago