Lucene search
K

7 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-0902

Malicious code in bioql PyPI...

7.5CVSS6.4AI score0.0077EPSS
Exploits0References3
NVD
NVD
added 2025/04/09 4:15 p.m.11 views

CVE-2025-32380

The Apollo Router Core is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation 2. A vulnerability in Apollo Router's usage of Apollo Compiler allowed queries with deeply nested and reused named fragments to be prohibitively...

7.5CVSS0.00498EPSS
Exploits0References3
CVE
CVE
added 2025/04/09 4:5 p.m.61 views

CVE-2025-32380

The CVE-2025-32380 issue affects Apollo Router Core (Rust). A vulnerability in the Router’s usage of Apollo Compiler allowed queries with deeply nested and reused named fragments to be excessively expensive to validate, triggering high resource consumption and potential denial of service. The roo...

7.5CVSS7.4AI score0.00498EPSS
Exploits0References3
OSV
OSV
added 2025/04/07 6:59 p.m.9 views

GHSA-84M6-5M72-45FP Apollo Router Operation Limits Vulnerable to Bypass via Integer Overflow

Impact Summary A vulnerability in Apollo Router allowed certain queries to bypass configured operation limits, specifically due to integer overflow. Details The operation limits plugin uses unsigned 32-bit integers to track limit counters e.g. for a query's height. If a counter exceeded the maxim...

7.5CVSS7.4AI score0.00513EPSS
Exploits0References5
OSV
OSV
added 2025/04/07 6:57 p.m.9 views

GHSA-75M2-JHH5-J5G2 Apollo Router Query Planner Vulnerable to Excessive Resource Consumption via Named Fragment Expansion

Impact Summary A vulnerability in Apollo Router allowed queries with deeply nested and reused named fragments to be prohibitively expensive to query plan, specifically during named fragment expansion. This could lead to excessive resource consumption and denial of service. Details Named fragments...

7.5CVSS7AI score0.00477EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/04/07 12:0 a.m.6 views

PT-2025-15756 · Apollo · Apollo Router

Name of the Vulnerable Software and Affected Versions: Apollo Router versions prior to 1.61.2 Apollo Router versions prior to 2.1.1 Description: A vulnerability in Apollo Router's usage of Apollo Compiler allowed queries with deeply nested and reused named fragments to be prohibitively expensive ...

7.5CVSS6.3AI score0.00498EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2023/09/05 12:0 a.m.6 views

PT-2023-27902 · Unknown · Apollo Router

Name of the Vulnerable Software and Affected Versions: Apollo Router versions 1.28.0 through 1.29.0 Description: The Apollo Router is subject to a Denial-of-Service DoS type vulnerability which causes the Router to panic and terminate when GraphQL Subscriptions are enabled. This can be triggered...

7.5CVSS5.6AI score0.00653EPSS
Exploits0References11
Rows per page
Query Builder