apollo-upload-server@2.0.3 vulnerabilities

Middleware and an Upload scalar to add support for GraphQL multipart requests (file uploads via queries and mutations) to various Node.js GraphQL servers.

Direct Vulnerabilities

Known vulnerabilities in the apollo-upload-server package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • H
Denial of Service (DoS)

apollo-upload-server is a Middleware and an Upload scalar to add support for GraphQL multipart requests (file uploads via queries and mutations) to various Node.js GraphQL servers.

Note This package has been deprecated.

Affected versions of this package are vulnerable to Denial of Service (DoS). The server would hang on unconsumed streams.

How to fix Denial of Service (DoS)?

Upgrade apollo-upload-server to version 7.0.0 or higher.

<7.0.0
  • H
Denial of Service (DoS)

apollo-upload-server is a Middleware and an Upload scalar to add support for GraphQL multipart requests (file uploads via queries and mutations) to various Node.js GraphQL servers.

Note This package has been deprecated.

Affected versions of this package are vulnerable to Denial of Service (DoS). Malformed requests that have the operations field, without following map and file fields would crash the server.

How to fix Denial of Service (DoS)?

Upgrade apollo-upload-server to version 7.0.0 or higher.

<7.0.0