The vulnerability report explicitly names `handleUnbatchedGraphQLRequest` as the entry point. The provided code snippet from `handlers_graphql.go` line 222 shows an unvalidated type assertion that panics when the request's variables are not a map. The reproduction steps demonstrate that sending an array (`[1337]`) as variables triggers this assertion failure. Together, the direct references in the report, the code evidence, and the reproduction confirm that this function is vulnerable.
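
The failure mode described above, as an added Go example rather than Weaviate's own code: a single-value type assertion panics when `variables` decodes to an array, while the comma-ok form returns an error. The type `graphQLBody` and all function names are hypothetical, and the request bodies are constructed samples.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// graphQLBody is a hypothetical request body; JSON permits any value in "variables".
type graphQLBody struct {
	Query     string      `json:"query"`
	Variables interface{} `json:"variables"`
}

// uncheckedVariables: the single-value assertion panics on any non-map value.
func uncheckedVariables(b graphQLBody) map[string]interface{} {
	return b.Variables.(map[string]interface{})
}

// checkedVariables: the comma-ok form returns an error the handler can answer with a 4xx.
func checkedVariables(b graphQLBody) (map[string]interface{}, error) {
	if b.Variables == nil {
		return nil, nil // "variables" omitted or JSON null
	}
	vars, ok := b.Variables.(map[string]interface{})
	if !ok {
		return nil, fmt.Errorf("variables must be a JSON object, got %T", b.Variables)
	}
	return vars, nil
}

// panics reports whether f panicked, so the unchecked path can be shown safely.
func panics(f func()) (p bool) {
	defer func() { p = recover() != nil }()
	f()
	return false
}

// decode parses a raw JSON request body.
func decode(raw string) (b graphQLBody, err error) {
	err = json.Unmarshal([]byte(raw), &b)
	return
}

func main() {
	for _, raw := range []string{`{"variables":{"limit":1}}`, `{"variables":[1337]}`} { // constructed bodies
		b, _ := decode(raw)
		_, err := checkedVariables(b)
		fmt.Println(raw, "| unchecked panics:", panics(func() { uncheckedVariables(b) }), "| checked err:", err)
	}
}
```
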
| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| github.com/weaviate/weaviate | go | <= 1.20.0 | |