Vulnerability	Vulnerable Version
H Authentication Bypass Using an Alternate Path or Channel @apollo/composition is an Apollo Federation composition utilities Affected versions of this package are vulnerable to Authentication Bypass Using an Alternate Path or Channel. An attacker can gain unauthorized access to restricted interface types or fields by crafting queries that target implementing object types or fields through inline fragments, thereby bypassing intended access controls. How to fix Authentication Bypass Using an Alternate Path or Channel? Upgrade `@apollo/composition` to version 2.9.5, 2.10.4, 2.11.5, 2.12.1 or higher.	<2.9.5>=2.10.0-alpha.0 <2.10.4>=2.11.0-preview.0 <2.11.5>=2.12.0-preview.0 <2.12.1

Authentication Bypass Using an Alternate Path or Channel

@apollo/composition is an Apollo Federation composition utilities

Affected versions of this package are vulnerable to Authentication Bypass Using an Alternate Path or Channel. An attacker can gain unauthorized access to restricted interface types or fields by crafting queries that target implementing object types or fields through inline fragments, thereby bypassing intended access controls.

How to fix Authentication Bypass Using an Alternate Path or Channel?

Upgrade @apollo/composition to version 2.9.5, 2.10.4, 2.11.5, 2.12.1 or higher.

<2.9.5>=2.10.0-alpha.0 <2.10.4>=2.11.0-preview.0 <2.11.5>=2.12.0-preview.0 <2.12.1

Go back to all versions of this package