uvzz / gist:d3ed9d4532be16ec1040a2cf3dfec8d1
Last active June 14, 2024 09:39
CVE-2023-49559 - gqlparser < 2.5.13 directive overload denial of service
**********************************************************************
Credit: Yuval Moravchick, Security Researcher @ Cato Networks
***********************************************************************
The gqlparser library used by the gqlgen GraphQL server was found vulnerable to a directive overload that can cause system resource exhaustion.
Since there is no limit on the number of directives that can be given as input inside the GraphQL query in an HTTP request,
adding a large number of non-existent directives can significantly increase the processing time of the query and the response size; sending many such requests at the same time can therefore cause a DoS condition on the server.
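A server-side guard for the condition described above, as an added example (not code from this gist, gqlparser or gqlgen): it counts directive tokens in the raw query text before the query is handed to the parser and rejects requests over a budget. The function names, the limit value and the sample query are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"strings"
)

// CountDirectives counts '@' tokens in a raw GraphQL document, skipping string
// literals, block strings and '#' comments, where '@' does not start a directive.
func CountDirectives(q string) (n int) {
	for i := 0; i < len(q); i++ {
		switch {
		case strings.HasPrefix(q[i:], `"""`): // block string: find the closing """
			j := i + 3
			for j < len(q) && !strings.HasPrefix(q[j:], `"""`) {
				if strings.HasPrefix(q[j:], `\"""`) { // escaped triple quote
					j += 3
				}
				j++
			}
			i = j + 2
		case q[i] == '"': // ordinary string: ends at an unescaped quote or newline
			for i++; i < len(q) && q[i] != '"' && q[i] != '\n'; i++ {
				if q[i] == '\\' {
					i++
				}
			}
		case q[i] == '#': // comment runs to end of line
			for i < len(q) && q[i] != '\n' {
				i++
			}
		case q[i] == '@':
			n++
		}
	}
	return n
}

// CheckDirectiveLimit rejects a query before parsing if it exceeds the budget.
func CheckDirectiveLimit(q string, limit int) error {
	if n := CountDirectives(q); n > limit {
		return fmt.Errorf("query has %d directives, limit is %d", n, limit)
	}
	return nil
}

func main() {
	q := `query { user(note: "a@b.c") @x @y @z { id } } # @ignored` // constructed sample
	fmt.Println(CountDirectives(q), CheckDirectiveLimit(q, 2))
}
```

Calling `CheckDirectiveLimit` in the HTTP handler ahead of query parsing, together with a request body size cap, bounds the work a single request can trigger.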
<div class="md:p-8 p-5 dark:bg-gray-800 bg-white rounded-t">
<div class="px-4 flex items-center justify-between">
<span tabindex="0" class="focus:outline-none text-base font-bold dark:text-gray-100 text-gray-800">October 2020</span>
<div class="flex items-center">
<button aria-label="calendar forward" class="flip-180 focus:text-gray-400 hover:text-gray-400 text-gray-800 dark:text-gray-100">
<svg xmlns="http://www.w3.org/2000/svg" class="icon icon-tabler icon-tabler-chevron-left" width="24" height="24" viewBox="0 0 24 24" stroke-width="1.5" stroke="currentColor" fill="none" stroke-linecap="round" stroke-linejoin="round" data-darkreader-inline-stroke="" style="--darkreader-inline-stroke:currentColor;">
<path stroke="none" d="M0 0h24v24H0z" fill="none" data-darkreader-inline-stroke="" style="--darkreader-inline-stroke:none;"></path>