Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
linuxfoundation nats-server vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2023-47090
NATS nats-server prior to 2.9.23 and 2.10.x prior to 2.10.2 has an authentication bypass. An implicit $G user in an authorization block can sometimes be used for unauthenticated access, even when the intention of the configuration was for each user to have an account. The earlies...
Linuxfoundation Nats-server
9.8
CVSSv3
CVE-2022-28357
NATS nats-server 2.2.0 up to and including 2.7.4 allows directory traversal because of an unintended path to a management action from a management account.
Linuxfoundation Nats-server
7.5
CVSSv3
CVE-2020-26521
The JWT library in NATS nats-server prior to 2.1.9 allows a denial of service (a nil dereference in Go code).
Linuxfoundation Nats-server
Fedoraproject Fedora 33
9.8
CVSSv3
CVE-2020-26892
The JWT library in NATS nats-server prior to 2.1.9 has Incorrect Access Control because of how expired credentials are handled.
Linuxfoundation Nats-server
Fedoraproject Fedora 33
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started