2 matches found
CVE-2024-28101
CVE-2024-28101 concerns the Apollo Router (Rust) and affects versions 0.9.5 through 1.40.2. The vulnerability arises when handling compressed HTTP payloads: after decompression, the router evaluates limits.http_max_request_bytes, which can lead to significant memory consumption if highly compress...
inigo-rs (>=0.1.5 <=0.27.8) potentially affected by CVE-2024-28101 via apollo-router (=1.2.1)
apollo-router CARGO version =1.2.1 is affected by a known vulnerability. The following packages have a transitive dependency on apollo-router and may be impacted: - inigo-rs =0.1.5, =0.27.8 Source cves: CVE-2024-28101 Source advisory: OSV:GHSA-CGQF-3CQ5-WVCJ...