{"uuid": "b49b1440-6b2c-4a3e-bce4-39aaccfaf8d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34047", "type": "seen", "source": "https://t.me/cibsecurity/70794", "content": "\u203c CVE-2023-34047 \u203c\n\nA batch loader function in Spring for GraphQL versions 1.1.0 - 1.1.5 and 1.2.0 - 1.2.2 may be exposed to GraphQL context with values, including security context values, from a different session. An application is vulnerable if it provides a DataLoaderOptions\u00c2\u00a0instance when registering batch loader functions through DefaultBatchLoaderRegistry.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-20T14:30:09.000000Z"}