Vendor
high
advisory
webonyx/graphql-php Unbounded Recursion Vulnerability
2 rules 1 TTPThe webonyx/graphql-php library has an unbounded recursion vulnerability in its parser that can lead to a stack overflow, causing a denial of service by terminating the PHP process with a SIGSEGV.
graphql-php +4
graphql
denial-of-service
recursion
php
2r
1t
medium
advisory
graphql-php OverlappingFieldsCanBeMerged Quadratic Complexity Vulnerability
2 rules 1 TTP 1 CVEThe `OverlappingFieldsCanBeMerged` validation rule in `webonyx/graphql-php` has an `O(n^2 x m^2)` worst-case complexity due to flattened inline fragments, leading to potential resource exhaustion.
graphql-php
graphql
php
resource-exhaustion
vulnerability
2r
1t
1c