Graphql Engine Security Vulnerabilities and Issues — Graphql Engine CVE List

Lucene search

HasuraGraphql Engine

2 matches found

CVE•added 2023/03/14 6:15 p.m.•83 views

CVE-2023-27588

Hasura is an open-source product that provides users GraphQL or REST APIs. A path traversal vulnerability has been discovered within Hasura GraphQL Engine prior to versions 1.3.4, 2.55.1, 2.20.1, and 2.21.0-beta1. Projects running on Hasura Cloud were not vulnerable. Self-hosted Hasura Projects wit...

7.5CVSS7.8AI score0.00375EPSS

CVE•added 2019/07/29 1:15 p.m.•36 views

CVE-2019-1020015

graphql-engine (aka Hasura GraphQL Engine) before 1.0.0-beta.3 mishandles the audience check while verifying JWT.

7.5CVSS7.5AI score0.00237EPSS