{"vulnerability": "cve-2023-22477", "sightings": [{"uuid": "d58a4855-46de-45b4-8e9c-8e4f68f346e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22477", "type": "seen", "source": "https://t.me/cibsecurity/56160", "content": "\u203c CVE-2023-22477 \u203c\n\nMercurius is a GraphQL adapter for Fastify. Any users of Mercurius until version 10.5.0 are subjected to a denial of service attack by sending a malformed packet over WebSocket to `/graphql`. This issue was patched in #940. As a workaround, users can disable subscriptions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-09T18:27:37.000000Z"}]}