Skip to main content

Agoo

2 CVEs product

Monthly

CVE-2022-30288 HIGH POC This Week

Agoo before 2.14.3 does not reject GraphQL fragment spreads that form cycles, leading to an application crash. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Agoo
NVD GitHub
CVSS 3.1
7.5
EPSS
1.5%
CVE-2020-7670 HIGH This Week

agoo prior to 2.14.0 allows request smuggling attacks where agoo is used as a backend and a frontend proxy also being vulnerable. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Request Smuggling Information Disclosure Agoo
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%
EPSS 2% CVSS 7.5
HIGH POC This Week

Agoo before 2.14.3 does not reject GraphQL fragment spreads that form cycles, leading to an application crash. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Agoo
NVD GitHub
EPSS 1% CVSS 7.5
HIGH This Week

agoo prior to 2.14.0 allows request smuggling attacks where agoo is used as a backend and a frontend proxy also being vulnerable. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Request Smuggling Information Disclosure Agoo
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy