Unknown · Apollo Router · CVE-2023-45812
**Name of the Vulnerable Software and Affected Versions**
Apollo Router versions prior to 1.33.0
**Description**
The Apollo Router is subject to a Denial-of-Service (DoS) issue that causes it to panic and terminate when a multi-part response is sent. This occurs when users send queries that use `@defer` or Subscriptions to a router that is configured with a coprocessor, has `coprocessor.supergraph.response` set in its `router.yaml`, and supports either `@defer` or Subscriptions.
**Recommendations**
For versions prior to 1.33.0, upgrade to version 1.33.0 to resolve the issue.
As a temporary workaround for users unable to upgrade, consider avoiding the use of the coprocessor supergraph response, or disabling defer and subscriptions support by setting `supergraph.defer_support` to `false` and `subscription.enabled` to `false` in the `router.yaml` configuration.
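
The affected combination and the two workarounds, written out as `router.yaml` fragments. This is an added example, not configuration taken from the advisory; the coprocessor URL and the `body: true` / `headers: true` stage options are assumptions chosen for illustration.

```yaml
# Constructed router.yaml fragments, one YAML document per case.
# The coprocessor URL is a placeholder.

# Affected on versions prior to 1.33.0: a coprocessor.supergraph.response
# section is present while @defer or subscriptions are supported.
coprocessor:
  url: http://127.0.0.1:8081     # placeholder coprocessor endpoint
  supergraph:
    response:
      body: true                 # assumed option; the section being present is what matters
supergraph:
  defer_support: true
subscription:
  enabled: true
---
# Workaround A: keep coprocessor.supergraph.response, but disable both
# features that produce multi-part responses.
coprocessor:
  url: http://127.0.0.1:8081
  supergraph:
    response:
      body: true
supergraph:
  defer_support: false
subscription:
  enabled: false
---
# Workaround B: keep @defer and subscriptions, but remove the
# coprocessor.supergraph.response section. Other coprocessor stages
# (here an assumed router request stage) can stay.
coprocessor:
  url: http://127.0.0.1:8081
  router:
    request:
      headers: true
supergraph:
  defer_support: true
subscription:
  enabled: true
```

Either workaround is a stopgap; upgrading to 1.33.0 removes the need for both.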