Undefined objects
Description
Undefined objects are objects that use the built-in GraphQL object type instead of referencing a custom one. Because such objects are unstructured, they can be the root cause of security issues.
Remediation
Enforce strong typing in your schema objects.
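One way to locate candidate fields before tightening the schema, as an added example (not Escape's own code): it walks an introspection result and lists fields and arguments whose type resolves to a catch-all scalar. It assumes that an "undefined object" shows up as a generic scalar such as `JSON` or `JSONObject`; those scalar names, the helper names and the sample schema are constructed for illustration.

```python
# Added example: list fields/arguments typed as a catch-all scalar instead of a custom type.
# ASSUMPTION: these scalar names are common untyped-JSON scalars; the page does not
# state which type names the schema/undefined_object check actually matches.
UNTYPED_SCALARS = {"JSON", "JSONObject", "Object", "GenericScalar"}


def named_type(type_ref):
    """Unwrap NON_NULL / LIST wrappers of an introspection type reference."""
    while type_ref.get("ofType"):
        type_ref = type_ref["ofType"]
    return type_ref


def is_untyped(type_ref):
    leaf = named_type(type_ref)
    return leaf["kind"] == "SCALAR" and leaf["name"] in UNTYPED_SCALARS


def find_untyped_fields(schema):
    """Return sorted 'Type.field' and 'Type.field(arg)' paths that carry unstructured data."""
    findings = []
    for t in schema["types"]:
        if t["name"].startswith("__"):  # skip introspection meta-types
            continue
        for f in (t.get("fields") or []) + (t.get("inputFields") or []):
            if is_untyped(f["type"]):
                findings.append(f'{t["name"]}.{f["name"]}')
            for a in f.get("args") or []:
                if is_untyped(a["type"]):
                    findings.append(f'{t["name"]}.{f["name"]}({a["name"]})')
    return sorted(findings)


def ref(kind, name=None, of=None):
    return {"kind": kind, "name": name, "ofType": of}


# Constructed sample in the shape of an introspection "__schema" object.
SAMPLE = {"types": [
    {"name": "User", "kind": "OBJECT", "fields": [
        {"name": "id", "args": [], "type": ref("NON_NULL", of=ref("SCALAR", "ID"))},
        {"name": "profile", "args": [], "type": ref("NON_NULL", of=ref("SCALAR", "JSON"))},
        {"name": "address", "args": [], "type": ref("OBJECT", "Address")},
    ]},
    {"name": "Mutation", "kind": "OBJECT", "fields": [
        {"name": "updateUser", "type": ref("OBJECT", "User"), "args": [
            {"name": "patch", "type": ref("NON_NULL", of=ref("SCALAR", "JSONObject"))}]},
    ]},
]}

if __name__ == "__main__":
    print("\n".join(find_untyped_fields(SAMPLE)))
```

Each reported path is a place to replace the generic scalar with a dedicated object or input type, as `User.address` already does in the sample.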
Configuration
Identifier:
schema/undefined_object
Examples
Ignore this check
{
  "checks": {
    "schema/undefined_object": {
      "skip": true
    }
  }
}
Score
Escape Severity: INFO
OWASP: API9:2023
CWE
- 758
- 1059
- 1111
- 1357
CVSS
- CVSS_VECTOR: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
- CVSS_SCORE: 0.0