| modules: |
| - module: github.com/graphql-go/graphql |
| vulnerable_at: 0.8.0 |
| packages: |
| - package: github.com/graphql-go/graphql/language/parser |
| symbols: |
| - Parse |
| description: | |
| graphql-go (aka GraphQL for Go) has infinite recursion |
| in the type definition parser. |
| published: 2022-08-23T13:19:13Z |
| cves: |
| - CVE-2022-37315 |
| ghsas: |
| - GHSA-h3qm-jrrf-cgj3 |
| references: |
| - fix: https://github.com/graphql-go/graphql/pull/642 |
| - fix: https://github.com/graphql-go/graphql/pull/642/commits/4188bd5b3877f7badb951b421cf66e0af2eacb22 |