Lucene search
+L

51 matches found

Vulnrichment
Vulnrichment
added 2024/08/27 5:20 p.m.17 views

CVE-2024-43414 Apollo Query Planner and Apollo Gateway may infinitely loop on sufficiently complex queries

Apollo Federation is an architecture for declaratively composing APIs into a unified graph. Each team can own their slice of the graph independently, empowering them to deliver autonomously and incrementally. Instances of @apollo/query-planner =2.0.0 and =2.0.0 and 2.8.5 and Apollo Router 1.52.1...

7.5CVSS6.6AI score0.00988EPSS
Exploits1References3
OSV
OSV
added 2024/08/27 5:20 p.m.35 views

CVE-2024-43414 Apollo Query Planner and Apollo Gateway may infinitely loop on sufficiently complex queries

Apollo Federation is an architecture for declaratively composing APIs into a unified graph. Each team can own their slice of the graph independently, empowering them to deliver autonomously and incrementally. Instances of @apollo/query-planner =2.0.0 and =2.0.0 and 2.8.5 and Apollo Router 1.52.1...

7.5CVSS6.7AI score0.00988EPSS
Exploits1References5
CNNVD
CNNVD
added 2024/08/27 12:0 a.m.4 views

Apollo Federation 安全漏洞

Apollo Federation is an architecture for the Apollo community to declaratively combine APIs into a unified graph. A security vulnerability exists in Apollo Federation, which stems from the fact that if @apollo/query-planner is asked to plan a sufficiently complex query, it may loop indefinitely a...

7.5CVSS6.5AI score0.00988EPSS
Exploits1References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 12:28 p.m.5 views

Malicious code in apollo-federation-integration-testsuite (npm)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
Vulnrichment
Vulnrichment
added 2024/05/02 6:43 a.m.19 views

CVE-2024-32971 Defect in query plan cache may cause incorrect operations to be executed in Apollo Router

Apollo Router is a configurable, graph router written in Rust to run a federated supergraph that uses Apollo Federation 2. The affected versions of Apollo Router contain a bug that in limited circumstances, could lead to unexpected operations being executed which can result in unintended data or...

9CVSS6.9AI score0.00727EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/05/02 6:43 a.m.50 views

CVE-2024-32971 Defect in query plan cache may cause incorrect operations to be executed in Apollo Router

Apollo Router is a configurable, graph router written in Rust to run a federated supergraph that uses Apollo Federation 2. The affected versions of Apollo Router contain a bug that in limited circumstances, could lead to unexpected operations being executed which can result in unintended data or...

9CVSS9.4AI score0.00727EPSS
Exploits0References4
OSV
OSV
added 2024/05/02 6:43 a.m.48 views

CVE-2024-32971 Defect in query plan cache may cause incorrect operations to be executed in Apollo Router

Apollo Router is a configurable, graph router written in Rust to run a federated supergraph that uses Apollo Federation 2. The affected versions of Apollo Router contain a bug that in limited circumstances, could lead to unexpected operations being executed which can result in unintended data or...

9CVSS6.8AI score0.00727EPSS
Exploits0References6
OSV
OSV
added 2023/10/19 4:8 p.m.51 views

GHSA-R344-XW3P-2FRJ Apollo Router vulnerable to Improper Check or Handling of Exceptional Conditions

Impact The Apollo Router is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation. Affected versions are subject to a Denial-of-Service DoS type vulnerability which causes the Router to panic and terminate when a multi-part respons...

7.5CVSS7.5AI score0.00726EPSS
Exploits0References6
CVE
CVE
added 2023/10/18 9:29 p.m.54 views

CVE-2023-45812

CVE-2023-45812 affects Apollo Router (Rust). A DoS can occur when handling multi-part responses if the client uses queries with @defer or Subscriptions and the router is configured with a coprocessor level coprocessor.supergraph.response in router.yaml. The vulnerability can cause the router to p...

7.5CVSS7.4AI score0.00726EPSS
Exploits0References2Affected Software1
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/05/31 1:32 p.m.5 views

Malicious code in apollo-federation-ruby (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5201e2567b87839a5bb3c1c2dd4c7c9b275c284349ff04a9c2b348451b979206 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2022/05/31 1:32 p.m.10 views

MAL-2022-1057 Malicious code in apollo-federation-ruby (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5201e2567b87839a5bb3c1c2dd4c7c9b275c284349ff04a9c2b348451b979206 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Rows per page
Query Builder