Vulnerabilities > Alibaba > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-22 | CVE-2020-21699 | Integer Overflow or Wraparound vulnerability in Alibaba Tengine 2.2.2 The web server Tengine 2.2.2 developed in the Nginx version from 0.5.6 thru 1.13.2 is vulnerable to an integer overflow vulnerability in the nginx range filter module, resulting in the leakage of potentially sensitive information triggered by specially crafted requests. | 7.5 |
| 2022-07-05 | CVE-2021-43116 | Improper Authentication vulnerability in Alibaba Nacos An Access Control vulnerability exists in Nacos 2.0.3 in the access prompt page; enter username and password, click on login to capture packets and then change the returned package, which lets a malicious user login. | 8.8 |
| 2021-11-03 | CVE-2021-33800 | Path Traversal vulnerability in Alibaba Druid 1.2.3 In Druid 1.2.3, visiting the path with parameter in a certain function can lead to directory traversal. | 7.5 |
| 2021-04-27 | CVE-2021-29442 | Unspecified vulnerability in Alibaba Nacos Nacos is a platform designed for dynamic service discovery and configuration and service management. | 7.5 |