2 matches found
GHSA-MP6Q-XF9X-FWF7 Apollo Serve vulnerable to Denial of Service with `startStandaloneServer`
Impact The default configuration of startStandaloneServer from @apollo/server/standalone is vulnerable to Denial of Service DoS attacks through specially crafted request bodies with exotic character set encodings. This issue does not affect users that use @apollo/server as a dependency for...
SUSE CVE-2008-5351
Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier accepts UTF-8 encodings that are not the "shortest" form, which makes it easier for attackers to bypass protection mechanisms for other applications...