Vulnerabilities > Redhat > Apicast
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-27 | CVE-2023-0456 | Missing Authorization vulnerability in Redhat Apicast 2.0.0 A flaw was found in APICast, when 3Scale's OIDC module does not properly evaluate the response to a mismatched token from a separate realm. | 7.5 |
| 2022-04-27 | CVE-2021-3523 | Improper Preservation of Permissions vulnerability in Redhat Apicast 2.0.0 A flaw was found in 3Scale APICast in versions prior to 2.11.0, where it incorrectly identified connections for reuse. | 4.3 |