Lucene search

Hasura Security Vulnerabilities

cve

CVE-2022-46792

Hasura GraphQL Engine before 2.15.2 mishandles row-level authorization in the Update Many API for Postgres backends. The fixed versions are 2.10.2, 2.11.3, 2.12.1, 2.13.2, 2.14.1, and 2.15.2. (Versions before 2.10.0 are...

8.8CVSS

8.7AI Score

0.001EPSS

2022-12-08 06:15 AM

cve

CVE-2023-27588

Hasura is an open-source product that provides users GraphQL or REST APIs. A path traversal vulnerability has been discovered within Hasura GraphQL Engine prior to versions 1.3.4, 2.55.1, 2.20.1, and 2.21.0-beta1. Projects running on Hasura Cloud were not vulnerable. Self-hosted Hasura Projects...

7.5CVSS

8AI Score

0.001EPSS

2023-03-14 06:15 PM

cve

CVE-2019-1020015

graphql-engine (aka Hasura GraphQL Engine) before 1.0.0-beta.3 mishandles the audience check while verifying...

7.5CVSS

7.5AI Score

0.001EPSS

2019-07-29 01:15 PM