3Scale
Monthly
A vulnerability was found in 3Scale, when used with Keycloak 15 (or RHSSO 7.5.0) and superiors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.
It was found that all versions of 3Scale developer portal lacked brute force protections. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.
A vulnerability was found in 3scale before version 2.6, did not set the HTTPOnly attribute on the user session cookie. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A vulnerability was found in 3Scale, when used with Keycloak 15 (or RHSSO 7.5.0) and superiors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.
It was found that all versions of 3Scale developer portal lacked brute force protections. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.
A vulnerability was found in 3scale before version 2.6, did not set the HTTPOnly attribute on the user session cookie. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.