Lucene search
K

7 matches found

Vulnrichment
Vulnrichment
added 2025/04/07 8:50 p.m.6 views

CVE-2025-32034 Apollo Router Query Planner Vulnerable to Excessive Resource Consumption via Named Fragment Expansion

The Apollo Router Core is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation 2. Prior to 1.61.2 and 2.1.1, a vulnerability in Apollo Router allowed queries with deeply nested and reused named fragments to be prohibitively...

7.5CVSS7AI score0.00512EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/04/07 8:50 p.m.39 views

CVE-2025-32034 Apollo Router Query Planner Vulnerable to Excessive Resource Consumption via Named Fragment Expansion

The Apollo Router Core is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation 2. Prior to 1.61.2 and 2.1.1, a vulnerability in Apollo Router allowed queries with deeply nested and reused named fragments to be prohibitively...

7.5CVSS0.00512EPSS
Exploits0References3
CVE
CVE
added 2025/04/07 8:38 p.m.58 views

CVE-2025-32030

CVE-2025-32030 concerns Apollo Gateway (GraphQL federation). The vulnerability occurs prior to version 2.10.1, where queries using deeply nested and reused named fragments could trigger prohibitively expensive query planning. Specifically, named fragments were expanded once per fragment spread du...

7.5CVSS7AI score0.0049EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2025/04/07 7:3 p.m.11 views

GHSA-Q2F9-X4P4-7XMH Apollo Gateway Query Planner Vulnerable to Excessive Resource Consumption via Named Fragment Expansion

Impact Summary A vulnerability in Apollo Gateway allowed queries with deeply nested and reused named fragments to be prohibitively expensive to query plan, specifically during named fragment expansion. This could lead to excessive resource consumption and denial of service. Details Named fragment...

7.5CVSS7AI score0.0049EPSS
Exploits0References5
OSV
OSV
added 2025/04/07 6:57 p.m.9 views

GHSA-75M2-JHH5-J5G2 Apollo Router Query Planner Vulnerable to Excessive Resource Consumption via Named Fragment Expansion

Impact Summary A vulnerability in Apollo Router allowed queries with deeply nested and reused named fragments to be prohibitively expensive to query plan, specifically during named fragment expansion. This could lead to excessive resource consumption and denial of service. Details Named fragments...

7.5CVSS7AI score0.00512EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2025/04/07 6:57 p.m.19 views

Apollo Router Query Planner Vulnerable to Excessive Resource Consumption via Named Fragment Expansion

Impact Summary A vulnerability in Apollo Router allowed queries with deeply nested and reused named fragments to be prohibitively expensive to query plan, specifically during named fragment expansion. This could lead to excessive resource consumption and denial of service. Details Named fragments...

7.5CVSS7AI score0.00512EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2024/03/25 9:15 a.m.2 views

UBUNTU-CVE-2021-47152

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix data stream corruption Maxim reported several issues when forcing a TCP transparent proxy to use the MPTCP protocol for the inbound connections. He also provided a clean reproducer. The problem boils down to...

5.5CVSS6.6AI score0.00232EPSS
Exploits0References5
Rows per page
Query Builder