{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T04:55:17.774","vulnerabilities":[{"cve":{"id":"CVE-2022-31173","sourceIdentifier":"security-advisories@github.com","published":"2022-08-01T19:15:08.330","lastModified":"2024-11-21T07:04:03.200","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Juniper is a GraphQL server library for Rust. Affected versions of Juniper are vulnerable to uncontrolled recursion resulting in a program crash. This issue has been addressed in version 0.15.10. Users are advised to upgrade. Users unable to upgrade should limit the recursion depth manually."},{"lang":"es","value":"Juniper es una biblioteca de servidor GraphQL para Rust. Las versiones afectadas de Juniper son vulnerables a una recursividad no controlada resultando en un bloqueo del programa. Este problema ha sido abordado en versión 0.15.10. Es recomendado a usuarios actualizar. Los usuarios que no puedan actualizar deberán limitar la profundidad de la recursión manualmente"}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-400"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-674"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:juniper_project:juniper:*:*:*:*:*:rust:*:*","versionEndExcluding":"0.15.10","matchCriteriaId":"FC49E6F1-2A38-4C24-B62A-71DAFA11519A"}]}]}],"references":[{"url":"https://github.com/graphql-rust/juniper/blob/juniper-v0.15.10/juniper/CHANGELOG.md#01510-2022-07-28","source":"security-advisories@github.com","tags":["Release Notes","Third Party Advisory"]},{"url":"https://github.com/graphql-rust/juniper/commit/2b609ee057be950e3454b69fadc431d120e407bb","source":"security-advisories@github.com","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/graphql-rust/juniper/commit/8d28cdba6eb10f53490ba41d1b5cb40506c2de22","source":"security-advisories@github.com","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/graphql-rust/juniper/security/advisories/GHSA-4rx6-g5vg-5f3j","source":"security-advisories@github.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/graphql-rust/juniper/blob/juniper-v0.15.10/juniper/CHANGELOG.md#01510-2022-07-28","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Third Party Advisory"]},{"url":"https://github.com/graphql-rust/juniper/commit/2b609ee057be950e3454b69fadc431d120e407bb","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/graphql-rust/juniper/commit/8d28cdba6eb10f53490ba41d1b5cb40506c2de22","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/graphql-rust/juniper/security/advisories/GHSA-4rx6-g5vg-5f3j","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}}]}