GraphQL Java (aka graphql-java) before 21.5 does not properly consider ExecutableNormalizedFields (ENFs) as part of preventing denial of service via introspection queries. 20.9 and 19.11 are also fixed versions.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Cryostat 3 on RHEL 8 | RedHat | cryostat-tech-preview/cryostat-db-rhel8:3.0.1-5 | * |
| Cryostat 3 on RHEL 8 | RedHat | cryostat-tech-preview/cryostat-grafana-dashboard-rhel8:3.0.1-5 | * |
| Cryostat 3 on RHEL 8 | RedHat | cryostat-tech-preview/cryostat-operator-bundle:3.0.1-5 | * |
| Cryostat 3 on RHEL 8 | RedHat | cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8:3.0.1-5 | * |
| Cryostat 3 on RHEL 8 | RedHat | cryostat-tech-preview/cryostat-reports-rhel8:3.0.1-5 | * |
| Cryostat 3 on RHEL 8 | RedHat | cryostat-tech-preview/cryostat-rhel8:3.0.1-5 | * |
| Cryostat 3 on RHEL 8 | RedHat | cryostat-tech-preview/cryostat-rhel8-operator:3.0.1-5 | * |
| Cryostat 3 on RHEL 8 | RedHat | cryostat-tech-preview/cryostat-storage-rhel8:3.0.1-5 | * |
| Cryostat 3 on RHEL 8 | RedHat | cryostat-tech-preview/jfr-datasource-rhel8:3.0.1-5 | * |
| Red Hat build of Quarkus 3.2 | RedHat | com.graphql-java.graphql-java | * |
| RHOSS-1.35-RHEL-8 | RedHat | openshift-serverless-1/logic-data-index-ephemeral-rhel8:1.35.0-5 | * |
| RHOSS-1.35-RHEL-8 | RedHat | openshift-serverless-1/logic-data-index-postgresql-rhel8:1.35.0-5 | * |
| RHOSS-1.35-RHEL-8 | RedHat | openshift-serverless-1/logic-jobs-service-ephemeral-rhel8:1.35.0-5 | * |
| RHOSS-1.35-RHEL-8 | RedHat | openshift-serverless-1/logic-jobs-service-postgresql-rhel8:1.35.0-6 | * |
| RHOSS-1.35-RHEL-8 | RedHat | openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8:1.35.0-2 | * |
| RHOSS-1.35-RHEL-8 | RedHat | openshift-serverless-1/logic-management-console-rhel8:1.35.0-5 | * |
| RHOSS-1.35-RHEL-8 | RedHat | openshift-serverless-1/logic-operator-bundle:1.35.0-5 | * |
| RHOSS-1.35-RHEL-8 | RedHat | openshift-serverless-1/logic-rhel8-operator:1.35.0-6 | * |
| RHOSS-1.35-RHEL-8 | RedHat | openshift-serverless-1/logic-swf-builder-rhel8:1.35.0-6 | * |
| RHOSS-1.35-RHEL-8 | RedHat | openshift-serverless-1/logic-swf-devmode-rhel8:1.35.0-6 | * |