5.3

CVSS Score

3.0

Basic Information

CVE ID

GHSA ID

GHSA-733v-p3h5-qpq7

EPSS Score

CWE

CWE-400

Published

4/25/2025

Updated

4/29/2025

KEV Status

Technology

JavaScript

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

GHSA-733v-p3h5-qpq7

GHSA-733v-p3h5-qpq7: GraphQL Armor Cost-Limit Plugin Bypass via Introspection Query Obfuscation

Summary

A query cost restriction using the cost-limit can be bypassed if ignoreIntrospection is enabled (which is the default configuration) by naming your query/fragment __schema.

Details

At the start of the computeComplexity function, we have the following check for ignoreIntrospection option:

    if (this.config.ignoreIntrospection && 'name' in node && node.name?.value === '__schema') {
      return 0;
    }

However, the node can be FieldNode | FragmentDefinitionNode | InlineFragmentNode | OperationDefinitionNode | FragmentSpreadNode

So, for example, sending the following query

query hello {
  books {
    title
  }
}

would create an OperationDefinitionNode with node.name.value == 'hello'

The proper way to handle this would be to check for the __schema field, which would create a FieldNode.

The fix is

    if (
      this.config.ignoreIntrospection &&
      'name' in node &&
      node.name?.value === '__schema' &&
      node.kind === Kind.FIELD
    ) {
      return 0;
    }

to assert that the node must be a FieldNode

PoC

query  {
  ...__schema
}

fragment __schema on Query {
  books {
    title
    author
  }
}

query __schema {
  books {
    title
    author
  }
}

Impact

Applications using GraphQL Armor Cost Limit plugin with ignoreIntrospection enabled.

Fix:

Fixed on 772. A quick patch would be to set ignoreIntrospection to false.

(GitHub Advisory)

5.3

CVSS Score

3.0

Basic Information

CVE ID

GHSA ID

GHSA-733v-p3h5-qpq7

EPSS Score

CWE

CWE-400

Published

4/25/2025

Updated

4/29/2025

KEV Status

Technology

JavaScript

Technical Details

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
@escape.tech/graphql-armor-cost-limit	npm	< 2.4.2	2.4.2

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability lies in the computeComplexity method of the CostLimitVisitor class. The provided patch directly modifies this function to correct a condition that allowed bypassing the cost-limit feature. The original code checked if a node was named __schema and ignoreIntrospection was true, then returned 0, effectively ignoring the cost. This check was too permissive as it applied to various node types (FieldNode, FragmentDefinitionNode, InlineFragmentNode, OperationDefinitionNode, FragmentSpreadNode) instead of just FieldNode for introspection queries. The fix adds node.kind === Kind.FIELD to the condition, ensuring that only actual introspection field queries are ignored. The vulnerability is triggered when a malicious query or fragment is named __schema, causing computeComplexity to incorrectly calculate the cost as zero, thus bypassing the intended security control.

The test cases added in packages/plugins/cost-limit/test/index.spec.ts further confirm this by demonstrating that queries and fragments named __schema now correctly have their costs calculated and are limited if they exceed the maxCost, whereas previously they would have been ignored due to the flaw in computeComplexity.

Therefore, CostLimitVisitor.computeComplexity is the specific function that, in its vulnerable state, would be involved in processing the malicious input and failing to enforce the cost limit, making it a key runtime indicator during exploitation attempts that leverage this bypass.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

### Summ*ry * qu*ry *ost r*stri*tion usin* t** `*ost-limit` **n ** *yp*ss** i* `i*nor*Introsp**tion` is *n**l** (w*i** is t** ****ult *on*i*ur*tion) *y n*min* your qu*ry/*r**m*nt `__s***m*`. ### **t*ils *t t** st*rt o* t** `*omput**ompl*xity` *un*ti

Reasoning

T** vuln*r**ility li*s in t** `*omput**ompl*xity` m*t*o* o* t** `*ostLimitVisitor` *l*ss. T** provi*** p*t** *ir**tly mo*i*i*s t*is *un*tion to *orr**t * *on*ition t**t *llow** *yp*ssin* t** *ost-limit ***tur*. T** ori*in*l *o** ****k** i* * no** w*s

5.3

Basic Information

Concerned about an active attack path?

GHSA-733v-p3h5-qpq7: GraphQL Armor Cost-Limit Plugin Bypass via Introspection Query Obfuscation

Summary

Details

PoC

Impact

Fix:

5.3

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI