← Back to CVE List
CVE-2024-40094
GraphQL Java (aka graphql-java) before 21.5 does not properly consider ExecutableNormalizedFields (ENFs) as part of preventing denial of service via introspection queries. 20.9 and 19.11 are also fixed versions.
> MITRE Terms of Use apply – see LICENSE‑MITRE.txt