VYPR

Federation

by Apollographql

Source repositories

CVEs (4)

  • CVE-2025-64530HigNov 13, 2025
    risk 0.42cvss 7.5epss 0.00

    Apollo Federation is an architecture for declaratively composing APIs into a unified graph. A vulnerability in versions of Apollo Federation's composition logic prior to 2.9.5, 2.10.4, 2.11.5, and 2.12.1 allowed some queries to Apollo Router to improperly bypass access controls…

  • CVE-2025-32031Apr 7, 2025
    risk 0.00cvss epss 0.01

    Apollo Gateway provides utilities for combining multiple GraphQL microservices into a single GraphQL endpoint. Prior to 2.10.1, a vulnerability in Apollo Gateway allowed queries with deeply nested and reused named fragments to be prohibitively expensive to query plan,…

  • CVE-2025-32030Apr 7, 2025
    risk 0.00cvss epss 0.00

    Apollo Gateway provides utilities for combining multiple GraphQL microservices into a single GraphQL endpoint. Prior to 2.10.1, a vulnerability in Apollo Gateway allowed queries with deeply nested and reused named fragments to be prohibitively expensive to query plan,…

  • CVE-2024-43414Aug 27, 2024
    risk 0.00cvss epss 0.01

    Apollo Federation is an architecture for declaratively composing APIs into a unified graph. Each team can own their slice of the graph independently, empowering them to deliver autonomously and incrementally. Instances of @apollo/query-planner >=2.0.0 and <2.8.5 are impacted by…