Apollo Router Query Planner Vulnerable to Excessive Resource Consumption via Optimization Bypass

Impact Summary A vulnerability in Apollo Router allowed queries with deeply nested and reused named fragments to be prohibitively expensive to query plan, specifically due to internal optimizations be ...

Continue Reading

April 08, 2025

Apollo Router Query Validation Vulnerable to Excessive Resource Consumption via Named Fragment Processing

Impact Summary A vulnerability in Apollo Router's usage of Apollo Compiler allowed queries with deeply nested and reused named fragments to be prohibitively expensive to validate. This could lead ...

Continue Reading

April 08, 2025

Apollo Router Query Planner Vulnerable to Excessive Resource Consumption via Named Fragment Expansion

Impact Summary A vulnerability in Apollo Router allowed queries with deeply nested and reused named fragments to be prohibitively expensive to query plan, specifically during named fragment expansion. ...

Continue Reading

April 08, 2025

Apollo Gateway Query Planner Vulnerable to Excessive Resource Consumption via Optimization Bypass

Impact Summary A vulnerability in Apollo Gateway allowed queries with deeply nested and reused named fragments to be prohibitively expensive to query plan, specifically due to internal optimizations b ...

Continue Reading

April 08, 2025

Apollo Router Query Validation Vulnerable to Excessive Resource Consumption via Named Fragment Processing

Impact Summary A vulnerability in Apollo Router's usage of Apollo Compiler allowed queries with deeply nested and reused named fragments to be prohibitively expensive to validate. This could lead ...

Continue Reading

April 08, 2025

Apollo Gateway Query Planner Vulnerable to Excessive Resource Consumption via Optimization Bypass

Impact Summary A vulnerability in Apollo Gateway allowed queries with deeply nested and reused named fragments to be prohibitively expensive to query plan, specifically due to internal optimizations b ...

Continue Reading

April 08, 2025

CVE-2025-31496 apollo-compiler Named Fragment Processing Vulnerability

apollo-compiler is a query-based compiler for the GraphQL query language. Prior to 1.27.0, a vulnerability in Apollo Compiler allowed queries with deeply nested and reused named fragments to be prohib ...

Continue Reading

April 08, 2025

CVE-2025-31496 apollo-compiler Named Fragment Processing Vulnerability

apollo-compiler is a query-based compiler for the GraphQL query language. Prior to 1.27.0, a vulnerability in Apollo Compiler allowed queries with deeply nested and reused named fragments to be prohib ...

Continue Reading

April 08, 2025

1 157 158 159 160 161 374

Back to Main
Subscribe for the latest news: