apollo-router vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
GHSA-HFF2-GCPX-8F4PMediumapollo-router: Apollo Router Core: Browser Bug Enables Bypass of XS-Search Prevention via Read-Only Cross-Site Request ForgeryCVE-2025-64173Highapollo-router: Apollo Router Affected by an Access Control Bypass on Polymorphic TypesCVE-2025-64347Highapollo-router: Apollo Router Improperly Enforces Renamed Access Control DirectivesCVE-2025-32380Highapollo-router: Apollo Router Query Validation Vulnerable to Excessive Resource Consumption via Named Fragment ProcessingCVE-2025-32033Highapollo-router: Apollo Router Operation Limits Vulnerable to Bypass via Integer OverflowCVE-2025-32034Highapollo-router: Apollo Router Query Planner Vulnerable to Excessive Resource Consumption via Named Fragment ExpansionCVE-2025-32032Highapollo-router: Apollo Router Query Planner Vulnerable to Excessive Resource Consumption via Optimization BypassCVE-2024-43783Highapollo-router: Apollo Router Coprocessors may cause Denial-of-Service when handling request bodiesCVE-2024-43414Highapollo-router: Apollo Query Planner and Apollo Gateway may infinitely loop on sufficiently complex queriesCVE-2024-32971Criticalapollo-router: Apollo Router vulnerable to Critical Regression In Query Plan CacheCVE-2024-28101Highapollo-router: Apollo Router's Compressed Payloads do not respect HTTP Payload LimitsCVE-2023-45812Highapollo-router: Apollo Router vulnerable to Improper Check or Handling of Exceptional ConditionsCVE-2023-41317Mediumapollo-router: Apollo Router Unnamed "Subscription" operation results in Denial-of-Service

Stop the waste.
Protect your environment with Kodem.