Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4
CVSSv2

CVE-2022-26652

Published: 10/03/2022 Updated: 18/03/2022
CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
VMScore: 357
Vector: AV:N/AC:L/Au:S/C:N/I:P/A:N
Subscribe to Nats Server

Vulnerability Summary

NATS nats-server prior to 2.7.4 allows Directory Traversal (with write access) via an element in a ZIP archive for JetStream streams. nats-streaming-server prior to 0.24.3 is also affected.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

nats nats server

nats nats streaming server

Github Repositories

https://github.com/deeptisjfrog/myfrogbot

Frogbot Table of contents What is Frogbot? Scan pull requests when they are opened Scanning repositories and fixing issues Installing Frogbot Reporting issues Contributions 🤖 What is Frogbot? Frogbot is a Git bot that scans your pull requests and repositories for security vulnerabilities You can scan pull requests when they are opened, and Git repositories following

https://github.com/samrjfrog/jfrogbot

Frogbot Table of contents What is Frogbot? How does it work? General GitHub GitLab Pull Request Comments Installing and Using Frogbot Contributions 🤖 What is Frogbot? Frogbot is a Git bot that scans your pull requests for security vulnerabilities using JFrog Xray Frogbot adds the scan results as a comment on the pull request If no new vulnerabilities are found

https://github.com/actions-marketplace-validations/jfrog_frogbot

Frogbot Table of contents What is Frogbot? Scan pull requests when they are opened Scanning repositories following new commits Installing and using Frogbot Contributions 🤖 What is Frogbot? Frogbot is a Git bot that scans your pull requests and repositories for security vulnerabilities You can scan pull requests when they are opened, and Git repositories following ne

References

CWE-22https://github.com/nats-io/nats-server/security/advisories/GHSA-6h3m-36w8-hv68https://github.com/nats-io/nats-server/releaseshttps://advisories.nats.io/CVE/CVE-2022-26652.txthttp://www.openwall.com/lists/oss-security/2022/03/10/1https://nvd.nist.govhttps://github.com/deeptisjfrog/myfrogbot
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463CVE-2024-3400deserializationCVE-2024-21788CVE-2023-42433CVE-2024-21841CVE-2024-22095local file inclusionmemory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook