Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
linuxfoundation nats-server vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2023-47090
NATS nats-server prior to 2.9.23 and 2.10.x prior to 2.10.2 has an authentication bypass. An implicit $G user in an authorization block can sometimes be used for unauthenticated access, even when the intention of the configuration was for each user to have an account. The earlies...
Linuxfoundation Nats-server
9.8
CVSSv3
CVE-2022-28357
NATS nats-server 2.2.0 up to and including 2.7.4 allows directory traversal because of an unintended path to a management action from a management account.
Linuxfoundation Nats-server
9.8
CVSSv3
CVE-2020-26892
The JWT library in NATS nats-server prior to 2.1.9 has Incorrect Access Control because of how expired credentials are handled.
Linuxfoundation Nats-server
Fedoraproject Fedora 33
7.5
CVSSv3
CVE-2020-26521
The JWT library in NATS nats-server prior to 2.1.9 allows a denial of service (a nil dereference in Go code).
Linuxfoundation Nats-server
Fedoraproject Fedora 33
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started