Vulnerabilidades en apollographql
20 resultadosCVE-2024-43414HIGHApollo Query Planner and Apollo Gateway may infinitely loop on sufficiently complex queriesEPSS 1.0%CVE-2024-43783HIGHApollo Router Coprocessors may cause Denial-of-Service when handling request bodiesEPSS 0.9%CVE-2024-28101HIGHApollo Router's Compressed Payloads do not respect HTTP Payload LimitsEPSS 0.8%CVE-2024-32971CRITICALDefect in query plan cache may cause incorrect operations to be executed in Apollo RouterEPSS 0.7%CVE-2023-45812HIGHImproper Check or Handling of Exceptional Conditions in apollo-routerEPSS 0.7%CVE-2023-41317HIGHUnnamed "Subscription" operation results in Denial-of-Service in apollographql/routerEPSS 0.7%CVE-2026-23897HIGHApollo Server is vulnerable to denial of service with `startStandaloneServer`EPSS 0.6%CVE-2025-32031HIGHApollo Gateway Query Planner Vulnerable to Excessive Resource Consumption via Optimization BypassEPSS 0.5%CVE-2025-32033HIGHApollo Router Operation Limits Vulnerable to Bypass via Integer OverflowEPSS 0.5%CVE-2025-32032HIGHApollo Router Query Planner Vulnerable to Excessive Resource Consumption via Optimization BypassEPSS 0.5%CVE-2025-32380HIGHApollo Router Query Validation Vulnerable to Excessive Resource Consumption via Named Fragment ProcessingEPSS 0.5%CVE-2025-32034HIGHApollo Router Query Planner Vulnerable to Excessive Resource Consumption via Named Fragment ExpansionEPSS 0.4%CVE-2025-32030HIGHApollo Gateway Query Planner Vulnerable to Excessive Resource Consumption via Named Fragment ExpansionEPSS 0.4%CVE-2024-23841HIGHXSS in @apollo/experimental-nextjs-app-supportEPSS 0.4%CVE-2025-31496HIGHapollo-compiler Named Fragment Processing VulnerabilityEPSS 0.4%CVE-2025-64530HIGH@apollo/composition has Improper Enforcement of Access Control on Interface Types and FieldsEPSS 0.3%CVE-2025-64173HIGHApollo Router Core: Access Control Bypass on Polymorphic TypesEPSS 0.3%CVE-2025-64347HIGHApollo Router Improperly Enforces Renamed Access Control DirectivesEPSS 0.3%CVE-2026-35577MEDIUMMissing Host Header Validation in Apollo MCP Server for Localhost DeploymentsEPSS 0.2%CVE-2025-59845HIGHApollo Embedded Sandbox and Explorer vulnerable to CSRF via window.postMessage origin-validation bypassEPSS 0.1%