Vulnerabilities > Nats
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-10-31 | CVE-2023-46129 | Missing Required Cryptographic Step vulnerability in Nats Server and Nkeys NATS.io is a high performance open source pub-sub distributed communication technology, built for the cloud, on-premise, IoT, and edge computing. | 7.5 |
2022-03-10 | CVE-2022-26652 | Path Traversal vulnerability in Nats Server and Nats Streaming Server NATS nats-server before 2.7.4 allows Directory Traversal (with write access) via an element in a ZIP archive for JetStream streams. | 4.0 |
2022-02-08 | CVE-2022-24450 | Missing Authorization vulnerability in Nats Server and Nats Streaming Server NATS nats-server before 2.7.2 has Incorrect Access Control. | 8.8 |
2021-03-16 | CVE-2021-3127 | Improper Handling of Exceptional Conditions vulnerability in Nats JWT Library and Nats Server NATS Server 2.x before 2.2.0 and JWT library before 2.0.1 have Incorrect Access Control because Import Token bindings are mishandled. | 5.0 |
2021-03-07 | CVE-2020-28466 | Unspecified vulnerability in Nats Server 2.0.0/2.0.2 This affects all versions of package github.com/nats-io/nats-server/server. | 5.0 |
2019-07-29 | CVE-2019-13126 | Integer Overflow or Wraparound vulnerability in Nats Server An integer overflow in NATS Server before 2.0.2 allows a remote attacker to crash the server by sending a crafted request. | 7.5 |