Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Nats_streaming_server
(Nats)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 2 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-02-08 | CVE-2022-24450 | NATS nats-server before 2.7.2 has Incorrect Access Control. Any authenticated user can obtain the privileges of the System account by misusing the "dynamically provisioned sandbox accounts" feature. | Nats_server, Nats_streaming_server | 8.8 | ||
| 2022-03-10 | CVE-2022-26652 | NATS nats-server before 2.7.4 allows Directory Traversal (with write access) via an element in a ZIP archive for JetStream streams. nats-streaming-server before 0.24.3 is also affected. | Nats_server, Nats_streaming_server | 6.5 |