Homepage
About Snyk

strawberry-graphql@0.212.0.dev1699050277 vulnerabilities

A library for creating GraphQL APIs

Go back to all versions of this package
Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the strawberry-graphql package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • M
Cross-Site Request Forgery (CSRF)

strawberry-graphql is an A library for creating GraphQL APIs

Affected versions of this package are vulnerable to Cross-Site Request Forgery (CSRF) due to the default settings of exemption from Django's CsrfViewMiddleware protection and support for multipart file uploads, in all integrations.

Note: After the fix, clients need to send CSRF tokens with every request.

How to fix Cross-Site Request Forgery (CSRF)?

Upgrade strawberry-graphql to version 0.243.0 or higher.

[,0.243.0)
Go back to all versions of this package