Vulnerabilities > TYK > TYK
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-11-07 | CVE-2023-42283 | SQL Injection vulnerability in TYK 5.0.3 Blind SQL injection in api_id parameter in Tyk Gateway version 5.0.3 allows attacker to access and dump the database via a crafted SQL query. | 9.8 |
2023-11-07 | CVE-2023-42284 | SQL Injection vulnerability in TYK 5.0.3 Blind SQL injection in api_version parameter in Tyk Gateway version 5.0.3 allows attacker to access and dump the database via a crafted SQL query. | 9.8 |
2021-03-15 | CVE-2021-23357 | Path Traversal vulnerability in TYK All versions of package github.com/tyktechnologies/tyk/gateway are vulnerable to Directory Traversal via the handleAddOrUpdateApi function. | 4.6 |