Package impact
npm / @apollo/gateway
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-32621 | critical | 9.9 | 9.9 | 3mo ago | Apollo Federation vulnerable to prototype pollution via incomplete key sanitization | |||
| CVE-2025-32031 | unknown | — | — | 1y ago | Apollo Gateway Query Planner Vulnerable to Excessive Resource Consumption via Optimization Bypass | |||
| CVE-2025-32030 | unknown | — | — | 1y ago | Apollo Gateway Query Planner Vulnerable to Excessive Resource Consumption via Named Fragment Expansion | |||
| CVE-2024-43414 | unknown | — | — | 2y ago | Apollo Query Planner and Apollo Gateway may infinitely loop on sufficiently complex queries |