1233 matches found
Apollo Router Core 缓冲区错误漏洞
Apollo Router Core is a router core application for the Apollo community. A buffer error vulnerability exists in Apollo Router Core versions prior to 1.61.2 and prior to 2.1.1, which stems from an operation limit counter overflow that could cause a query to bypass a threshold...
PT-2025-15296 · Apollo · Apollo Router Core
Name of the Vulnerable Software and Affected Versions: Apollo Router Core versions prior to 1.61.2 Apollo Router Core versions prior to 2.1.1 Description: A vulnerability in the Apollo Router allowed queries with deeply nested and reused named fragments to be prohibitively expensive to query plan...
PT-2025-15756 · Apollo · Apollo Router
Name of the Vulnerable Software and Affected Versions: Apollo Router versions prior to 1.61.2 Apollo Router versions prior to 2.1.1 Description: A vulnerability in Apollo Router's usage of Apollo Compiler allowed queries with deeply nested and reused named fragments to be prohibitively expensive ...
Apollo Router Core 安全漏洞
Apollo Router Core is a router core application for the Apollo community. A security vulnerability exists in Apollo Router Core versions prior to 1.61.2 and prior to 2.1.1, which stems from mishandling of fragment extensions and could result in a denial of service...
Apollo Federation 安全漏洞
Apollo Federation is an architecture for the Apollo community to declaratively combine APIs into a unified graph. A security vulnerability exists in Apollo Federation versions prior to 2.10.1 that stems from a query optimization bypass that could lead to a denial of service...
apollo-rs 安全漏洞
apollo-rs is an Apollo GraphQL open source compliant GraphQL tool in Rust. A security vulnerability exists in versions of apollo-rs prior to 1.27.0 that stems from improper handling of deeply nested fragments, which could lead to a denial of service...
PT-2025-15294 · Unknown · Apollo Gateway
Name of the Vulnerable Software and Affected Versions: Apollo Gateway versions prior to 2.10.1 Description: The issue concerns a vulnerability that allows queries with deeply nested and reused named fragments to be prohibitively expensive to query plan, specifically during named fragment expansio...
CVE-2025-20002
After attempting to upload a file that does not meet prerequisites, GMOD Apollo will respond with local path information disclosure...
CVE-2025-23410
When uploading organism or sequence data via the web interface, GMOD Apollo will unzip and inspect the files and will not check for path traversal in supported archive types...
CVE-2025-24924
Certain functionality within GMOD Apollo does not require authentication when passed with an administrative username...
CVE-2025-21092
GMOD Apollo does not have sufficient logical or access checks when updating a user's information. This could result in an attacker being able to escalate privileges for themselves or others...
CVE-2025-23410
When uploading organism or sequence data via the web interface, GMOD Apollo will unzip and inspect the files and will not check for path traversal in supported archive types...
CVE-2025-24924
Certain functionality within GMOD Apollo does not require authentication when passed with an administrative username...
CVE-2025-21092
GMOD Apollo does not have sufficient logical or access checks when updating a user's information. This could result in an attacker being able to escalate privileges for themselves or others...
CVE-2025-20002
After attempting to upload a file that does not meet prerequisites, GMOD Apollo will respond with local path information disclosure...
CVE-2025-20002
After attempting to upload a file that does not meet prerequisites, GMOD Apollo will respond with local path information disclosure...
CVE-2025-20002 GMOD Apollo Generation of Error Message Containing Sensitive Information
After attempting to upload a file that does not meet prerequisites, GMOD Apollo will respond with local path information disclosure...
CVE-2025-20002 GMOD Apollo Generation of Error Message Containing Sensitive Information
After attempting to upload a file that does not meet prerequisites, GMOD Apollo will respond with local path information disclosure...
CVE-2025-20002
After attempting to upload a file that does not meet prerequisites, GMOD Apollo will respond with local path information disclosure...
CVE-2025-20002
CVE-2025-20002 affects GMOD Apollo. Root cause is insufficient input validation during file uploads and archive handling, enabling local path information disclosure after uploading files that do not meet prerequisites. Documentation notes path traversal risk when updating user data and during arc...