CVE-2025-31481

Published April 3rd, 2025

View on NVD ↗

CVSS v3

7.5

HIGH

CVSS v2

N/A

Affected

PROJECT

Description

API Platform Core is a system to create hypermedia-driven REST and GraphQL APIs. Using the Relay special node type you can bypass the configured security on an operation. This vulnerability is fixed in 4.0.22 and 3.4.17.

api-platform/core

The server component of API Platform: hypermedia and GraphQL APIs in minutes

GitHub

2.56K