Vulnerabilities > Linuxfoundation > Nats Server > 2.1.6

DATE CVE VULNERABILITY TITLE RISK
2020-11-06 CVE-2020-26892 Use of Hard-coded Credentials vulnerability in multiple products
The JWT library in NATS nats-server before 2.1.9 has Incorrect Access Control because of how expired credentials are handled.
network
low complexity
linuxfoundation fedoraproject CWE-798
critical
 9.8
9.8
2020-11-06 CVE-2020-26521 NULL Pointer Dereference vulnerability in multiple products
The JWT library in NATS nats-server before 2.1.9 allows a denial of service (a nil dereference in Go code).
network
low complexity
linuxfoundation fedoraproject CWE-476
7.5
7.5