Vulnerability Database

296,172

Total vulnerabilities in the database

GraphQL Armor Max-Depth Plugin Bypass via Introspection Query Obfuscation

Summary

A query depth restriction using the max-depth property can be bypassed if ignoreIntrospection is enabled (which is the default configuration) by naming your query/fragment __schema.

Details

At the start of the countDepth function, we have the following check for the ignoreIntrospection option:

if (this.config.ignoreIntrospection && 'name' in node && node.name?.value === '__schema') { return 0; }

However, the node can be one of: FieldNode, FragmentDefinitionNode, InlineFragmentNode, OperationDefinitionNode, FragmentSpreadNode.

For example, consider sending the following query:

query hello { books { title } }

This would create an OperationDefinitionNode where node.name.value == 'hello'

The proper way to handle this is to check explicitly for the __schema field, which corresponds to a FieldNode.

The fix is

if ( this.config.ignoreIntrospection && 'name' in node && node.name?.value === '__schema' && node.kind === Kind.FIELD ) { return 0; }

This ensures that the node is explicitly a FieldNode.

PoC

Max depth: 6

query { books { author { books { author { ...__schema } } } } } fragment __schema on Author { books { title } }

Impact

This issue affects applications using the GraphQL Armor Depth Limit plugin with ignoreIntrospection enabled.

Fix

This is fixed in PR#823

CVSS v3:

  • Severity: Unknown
  • Score:
  • AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CWEs:

Software From Fixed in
Node.js icon @escape.tech / graphql-armor-max-depth - 2.4.2