Apollo Router Security Vulnerabilities and Issues — Apollo Router CVE List

Lucene search

ApollographqlApollo Router

4 matches found

CVE•added 2024/03/21 2:52 a.m.•135 views

CVE-2024-28101

The Apollo Router is a graph router written in Rust to run a federated supergraph that uses Apollo Federation. Versions 0.9.5 until 1.40.2 are subject to a Denial-of-Service (DoS) type vulnerability. When receiving compressed HTTP payloads, affected versions of the Router evaluate the limits.http_m...

7.5CVSS7.5AI score0.00122EPSS

CVE•added 2024/05/02 7:15 a.m.•76 views

CVE-2024-32971

Apollo Router is a configurable, graph router written in Rust to run a federated supergraph that uses Apollo Federation 2. The affected versions of Apollo Router contain a bug that in limited circumstances, could lead to unexpected operations being executed which can result in unintended data or ef...

9CVSS9.2AI score0.00156EPSS

CVE•added 2024/08/27 6:15 p.m.•46 views

CVE-2024-43783

The Apollo Router Core is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation 2. Instances of the Apollo Router running versions >=1.21.0 and =1.7.0 and

7.5CVSS7.5AI score0.00307EPSS

CVE•added 2024/08/27 6:15 p.m.•42 views

CVE-2024-43414

Apollo Federation is an architecture for declaratively composing APIs into a unified graph. Each team can own their slice of the graph independently, empowering them to deliver autonomously and incrementally. Instances of @apollo/query-planner >=2.0.0 and =2.0.0 and < 2.8.5 and Apollo Router

7.5CVSS7.5AI score0.00053EPSS