
1233 matches found

CNNVD
added 2024/08/20 12:0 a.m. · 1 views

Apollo Security Vulnerability

Apollo is an Apollo open source configuration management system. A security vulnerability exists in Apollo version 2.3.0, which stems from a privilege check bypass issue in the Synchronized Configuration feature...

CVSS 4.3 · AI score 6.7 · EPSS 0.00098
Exploits: 0 · References: 5

Positive Technologies
added 2024/08/20 12:0 a.m. · 2 views

PT-2024-30557 · Apollo · Apollo

Name of the Vulnerable Software and Affected Versions: Apollo versions prior to 2.3.0 Description: A vulnerability exists in the synchronization configuration feature that allows users to craft specific requests to bypass permission checks, enabling them to modify a namespace without the necessar...

CVSS 5.3 · AI score 7 · EPSS 0.00098
Exploits: 0 · References: 10

Positive Technologies
added 2024/08/20 12:0 a.m. · 2 views

PT-2024-30097 · Apollo · Apollo

Name of the Vulnerable Software and Affected Versions: apolloconfig apollo version 2.2.0 Description: An issue in apolloconfig apollo allows a remote attacker to obtain sensitive information via a crafted request. Recommendations: For version 2.2.0, consider restricting access to sensitive...

CVSS 7.5 · AI score 6.7 · EPSS 0.00301
Exploits: 0 · References: 7

CNNVD
added 2024/08/20 12:0 a.m. · 1 views

Apollo Security Vulnerability

Apollo is an Apollo open source configuration management system. A security vulnerability exists in Apollo version 2.2.0 that originates from a remote attacker who can obtain sensitive information via a specially crafted request...

CVSS 7.5 · AI score 6.4 · EPSS 0.00301
Exploits: 0 · References: 3

OSSF Malicious Packages
added 2024/06/25 12:28 p.m. · 3 views

Malicious code in apollo-federation-integration-testsuite (npm)

--- -= Per source details. Do not edit below this line.=-...

AI score 7
Exploits: 0

OSV
added 2024/06/25 12:28 p.m. · 4 views

MAL-2024-1763 Malicious code in apollo-federation-integration-testsuite (npm)

--- -= Per source details. Do not edit below this line.=-...

AI score 7.1
Exploits: 0

GitHub Security Blog
added 2024/05/02 8:20 a.m. · 24 views

Apollo Router vulnerable to Critical Regression In Query Plan Cache

Impact Any instance of Apollo Router 1.44.0 or 1.45.0 that is using Distributed Query Plan Caching is impacted. These versions were released on 2024-04-12 and 2024-04-22 respectively. The affected versions of Apollo Router contain a bug that could lead to unexpected operations being executed, whi...

CVSS 9 · AI score 6.5 · EPSS 0.00213
Exploits: 0 · References: 6 · Affected Software: 1

OSV
added 2024/05/02 8:20 a.m. · 14 views

GHSA-Q9P4-HW9M-FJ2V Apollo Router vulnerable to Critical Regression In Query Plan Cache

Impact Any instance of Apollo Router 1.44.0 or 1.45.0 that is using Distributed Query Plan Caching is impacted. These versions were released on 2024-04-12 and 2024-04-22 respectively. The affected versions of Apollo Router contain a bug that could lead to unexpected operations being executed, whi...

CVSS 9 · AI score 9.3 · EPSS 0.00213
Exploits: 0 · References: 6

NVD
added 2024/05/02 7:15 a.m. · 7 views

CVE-2024-32971

Apollo Router is a configurable, graph router written in Rust to run a federated supergraph that uses Apollo Federation 2. The affected versions of Apollo Router contain a bug that in limited circumstances, could lead to unexpected operations being executed which can result in unintended data or...

CVSS 9 · AI score 9.3 · EPSS 0.00213
Exploits: 0 · References: 4

CVE
added 2024/05/02 6:43 a.m. · 89 views

CVE-2024-32971

CVE-2024-32971 affects Apollo Router when using distributed query plan caching. A bug in the router’s cache retrieval logic may cause an operation (query, mutation, or subscription) to execute a modified version of a previously run operation, potentially yielding unexpected results or errors. Pub...

CVSS 9 · AI score 9.2 · EPSS 0.00213
Exploits: 0 · References: 4

Vulnrichment
added 2024/05/02 6:43 a.m. · 15 views

CVE-2024-32971 Defect in query plan cache may cause incorrect operations to be executed in Apollo Router

Apollo Router is a configurable, graph router written in Rust to run a federated supergraph that uses Apollo Federation 2. The affected versions of Apollo Router contain a bug that in limited circumstances, could lead to unexpected operations being executed which can result in unintended data or...

CVSS 9 · AI score 6.9 · EPSS 0.00213
Exploits: 0 · References: 4

OSV
added 2024/05/02 6:43 a.m. · 31 views

CVE-2024-32971 Defect in query plan cache may cause incorrect operations to be executed in Apollo Router

Apollo Router is a configurable, graph router written in Rust to run a federated supergraph that uses Apollo Federation 2. The affected versions of Apollo Router contain a bug that in limited circumstances, could lead to unexpected operations being executed which can result in unintended data or...

CVSS 9 · AI score 6.8 · EPSS 0.00213
Exploits: 0 · References: 6

Cvelist
added 2024/05/02 6:43 a.m. · 13 views

CVE-2024-32971 Defect in query plan cache may cause incorrect operations to be executed in Apollo Router

Apollo Router is a configurable, graph router written in Rust to run a federated supergraph that uses Apollo Federation 2. The affected versions of Apollo Router contain a bug that in limited circumstances, could lead to unexpected operations being executed which can result in unintended data or...

CVSS 9 · AI score 9.4 · EPSS 0.00213
Exploits: 0 · References: 4

CNNVD
added 2024/05/02 12:0 a.m. · 2 views

Apollo Router Security Vulnerability

Apollo Router is a configurable, high-performance graphical router written in Rust. A security vulnerability exists in Apollo Router versions prior to 1.45.1, which stems from an error in the cache retrieval logic and could result in the execution of unexpected operations...

CVSS 9 · AI score 6.6 · EPSS 0.00213
Exploits: 0 · References: 5

NVD
added 2024/03/27 3:15 a.m. · 9 views

CVE-2024-25736

An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can restart the device via a /device/reboot GET request...

CVSS 7.5 · AI score 6.7 · EPSS 0.09145
Exploits: 4 · References: 3

NVD
added 2024/03/27 3:15 a.m. · 7 views

CVE-2024-25735

An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can discover cleartext passwords via a SoftAP /device/config GET request...

CVSS 9.1 · AI score 6.6 · EPSS 0.90358
Exploits: 4 · References: 3

OSV
added 2024/03/27 3:15 a.m. · 1 views

CVE-2024-25734

An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. The TELNET service prompts for a password only after a valid username is entered, which might make it easier for remote attackers to enumerate user accounts...

CVSS 7.5 · AI score 5.9 · EPSS 0.06299
Exploits: 4 · References: 3

NVD
added 2024/03/27 3:15 a.m. · 7 views

CVE-2024-25734

An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. The TELNET service prompts for a password only after a valid username is entered, which might make it easier for remote attackers to enumerate user accounts...

CVSS 7.5 · AI score 6.9 · EPSS 0.06299
Exploits: 4 · References: 3

OSV
added 2024/03/27 3:15 a.m. · 0 views

CVE-2024-25736

An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can restart the device via a /device/reboot GET request...

CVSS 7.5 · AI score 5.8 · EPSS 0.09145
Exploits: 4 · References: 3

OSV
added 2024/03/27 3:15 a.m. · 1 views

CVE-2024-25735

An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can discover cleartext passwords via a SoftAP /device/config GET request...

CVSS 9.1 · AI score 5.8 · EPSS 0.90358
Exploits: 4 · References: 3