Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hasura graphql engine vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2022-46792
Hasura GraphQL Engine prior to 2.15.2 mishandles row-level authorization in the Update Many API for Postgres backends. The fixed versions are 2.10.2, 2.11.3, 2.12.1, 2.13.2, 2.14.1, and 2.15.2. (Versions prior to 2.10.0 are unaffected.)
Hasura Graphql Engine
Hasura Graphql Engine 2.14.0
Hasura Graphql Engine 2.12.0
7.5
CVSSv3
CVE-2019-1020015
graphql-engine (aka Hasura GraphQL Engine) prior to 1.0.0-beta.3 mishandles the audience check while verifying JWT.
Hasura Graphql Engine
Hasura Graphql Engine 1.0.0
7.5
CVSSv3
CVE-2023-27588
Hasura is an open-source product that provides users GraphQL or REST APIs. A path traversal vulnerability has been discovered within Hasura GraphQL Engine prior to versions 1.3.4, 2.55.1, 2.20.1, and 2.21.0-beta1. Projects running on Hasura Cloud were not vulnerable. Self-hosted ...
Hasura Graphql Engine
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started