PyPi: Strawberry-Graphql

CVE-2025-22151

Safety vulnerability ID: 76363

This vulnerability was reviewed by experts

The information on this page was manually curated by our Cybersecurity Intelligence Team.

Created at Jan 09, 2025 Updated at Apr 04, 2025

Scan your Python projects for vulnerabilities →

Advisory

A type confusion vulnerability exists in Strawberry GraphQL's relay integration that affects multiple ORM integrations (Django, SQLAlchemy, Pydantic). The vulnerability occurs when multiple GraphQL types are mapped to the same underlying model while using the relay node interface.

Affected package

strawberry-graphql

Latest version: 0.263.1

A library for creating GraphQL APIs

Affected versions

Fixed versions

Vulnerability changelog

This vulnerability has no description

Resources

https://github.com/advisories/GHSA-5xh2-23cc-5jc6
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-22151

Use this package?

Scan your Python project for dependency vulnerabilities in two minutes

Scan your application