CVE-2025-31481

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
03/04/2025
Last modified:
08/04/2025

Description

API Platform Core is a system to create hypermedia-driven REST and GraphQL APIs. Using the Relay special node type you can bypass the configured security on an operation. This vulnerability is fixed in 4.0.22 and 3.4.17.