Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hasura graphql engine vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2022-46792
Hasura GraphQL Engine prior to 2.15.2 mishandles row-level authorization in the Update Many API for Postgres backends. The fixed versions are 2.10.2, 2.11.3, 2.12.1, 2.13.2, 2.14.1, and 2.15.2. (Versions prior to 2.10.0 are unaffected.)
Hasura Graphql Engine
Hasura Graphql Engine 2.14.0
Hasura Graphql Engine 2.12.0
7.5
CVSSv3
CVE-2023-27588
Hasura is an open-source product that provides users GraphQL or REST APIs. A path traversal vulnerability has been discovered within Hasura GraphQL Engine prior to versions 1.3.4, 2.55.1, 2.20.1, and 2.21.0-beta1. Projects running on Hasura Cloud were not vulnerable. Self-hosted ...
Hasura Graphql Engine
7.5
CVSSv3
CVE-2019-1020015
graphql-engine (aka Hasura GraphQL Engine) prior to 1.0.0-beta.3 mishandles the audience check while verifying JWT.
Hasura Graphql Engine
Hasura Graphql Engine 1.0.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started