pkg:crates.io/apollo-router

12 total CVEs: CRITICAL 1, HIGH 10, MEDIUM 1

All known vulnerabilities

  • CRITICAL 9.0 CVE-2024-32971: Apollo Router vulnerable to Critical Regression In Query Plan Cache
    >= 1.44.0, < 1.45.1
  • HIGH 7.5 CVE-2025-64173: Apollo Router Affected by an Access Control Bypass on Polymorphic Types
    from 0, < 1.61.12
  • HIGH 7.5 CVE-2025-64347: Apollo Router Improperly Enforces Renamed Access Control Directives
    from 0, < 1.61.12
  • HIGH 7.5 CVE-2025-32380: Apollo Router Query Validation Vulnerable to Excessive Resource Consumption via Named Fragment Processing
    from 0, < 1.61.2
  • HIGH 7.5 CVE-2025-32033: Apollo Router Operation Limits Vulnerable to Bypass via Integer Overflow
    from 0, < 1.61.2
  • HIGH 7.5 CVE-2025-32034: Apollo Router Query Planner Vulnerable to Excessive Resource Consumption via Named Fragment Expansion
    from 0, < 1.61.2
  • HIGH 7.5 CVE-2025-32032: Apollo Router Query Planner Vulnerable to Excessive Resource Consumption via Optimization Bypass
    from 0, < 1.61.2
  • HIGH 7.5 CVE-2024-43783: Apollo Router Coprocessors may cause Denial-of-Service when handling request bodies
    >= 1.7.0, < 1.52.1
  • HIGH 7.5 CVE-2024-43414: Apollo Query Planner and Apollo Gateway may infinitely loop on sufficiently complex queries
    from 0, < 1.52.1
  • HIGH 7.5 CVE-2024-28101: Apollo Router's Compressed Payloads do not respect HTTP Payload Limits
    >= 0.9.5, < 1.40.2
  • HIGH 7.5 CVE-2023-45812: Apollo Router vulnerable to Improper Check or Handling of Exceptional Conditions
    >= 1.31.0, < 1.33.0
  • MEDIUM 5.9 CVE-2023-41317: Apollo Router Unnamed "Subscription" operation results in Denial-of-Service
    >= 1.28.0, < 1.29.1