CNNVD-202512-3943 Information

CNNVD ID

CNNVD-202512-3943

Related CVE

CVE-2021-47713

• CNNVD Published: 2025-12-22

Description (Chinese)

Hasura GraphQL Engine是Hasura开源的一个非常快速的 GraphQL 服务器。 Hasura GraphQL Engine 1.3.3版本存在安全漏洞，该漏洞源于恶意GraphQL查询可能导致拒绝服务攻击。

Description (English)

Hasura GraphQL Engineering is a very fast GraphQL server for Hasura open source. There is a security gap in Hasura GraphQL Engineering version 1.3.3, which stems from malicious GraphQL inquiries that could lead to a denial of service attack.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Hasura

Published

2025-12-22

Last Modified

2026-02-24

References

https://github.com/hasura/graphql-engine https://www.exploit-db.com/exploits/49789 https://www.vulncheck.com/advisories/hasura-graphql-denial-of-service-via-malicious-graphql-query