7 matches found
CVE-2025-32034 Apollo Router Query Planner Vulnerable to Excessive Resource Consumption via Named Fragment Expansion
The Apollo Router Core is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation 2. Prior to 1.61.2 and 2.1.1, a vulnerability in Apollo Router allowed queries with deeply nested and reused named fragments to be prohibitively...
CVE-2025-32034 Apollo Router Query Planner Vulnerable to Excessive Resource Consumption via Named Fragment Expansion
The Apollo Router Core is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation 2. Prior to 1.61.2 and 2.1.1, a vulnerability in Apollo Router allowed queries with deeply nested and reused named fragments to be prohibitively...
CVE-2025-32030
CVE-2025-32030 concerns Apollo Gateway (GraphQL federation). The vulnerability occurs prior to version 2.10.1, where queries using deeply nested and reused named fragments could trigger prohibitively expensive query planning. Specifically, named fragments were expanded once per fragment spread du...
GHSA-Q2F9-X4P4-7XMH Apollo Gateway Query Planner Vulnerable to Excessive Resource Consumption via Named Fragment Expansion
Impact Summary A vulnerability in Apollo Gateway allowed queries with deeply nested and reused named fragments to be prohibitively expensive to query plan, specifically during named fragment expansion. This could lead to excessive resource consumption and denial of service. Details Named fragment...
GHSA-75M2-JHH5-J5G2 Apollo Router Query Planner Vulnerable to Excessive Resource Consumption via Named Fragment Expansion
Impact Summary A vulnerability in Apollo Router allowed queries with deeply nested and reused named fragments to be prohibitively expensive to query plan, specifically during named fragment expansion. This could lead to excessive resource consumption and denial of service. Details Named fragments...
Apollo Router Query Planner Vulnerable to Excessive Resource Consumption via Named Fragment Expansion
Impact Summary A vulnerability in Apollo Router allowed queries with deeply nested and reused named fragments to be prohibitively expensive to query plan, specifically during named fragment expansion. This could lead to excessive resource consumption and denial of service. Details Named fragments...
UBUNTU-CVE-2021-47152
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix data stream corruption Maxim reported several issues when forcing a TCP transparent proxy to use the MPTCP protocol for the inbound connections. He also provided a clean reproducer. The problem boils down to...