Vulnerabilities > Nats > Nats Streaming Server > 0.21.0

DATE CVE VULNERABILITY TITLE RISK
2022-03-10 CVE-2022-26652 Path Traversal vulnerability in Nats Server and Nats Streaming Server
NATS nats-server before 2.7.4 allows Directory Traversal (with write access) via an element in a ZIP archive for JetStream streams.
network
low complexity
nats CWE-22
4.0
4.0
2022-02-08 CVE-2022-24450 Missing Authorization vulnerability in Nats Server and Nats Streaming Server
NATS nats-server before 2.7.2 has Incorrect Access Control.
network
low complexity
nats CWE-862
8.8
8.8