Skip to main content

3Scale

4 CVEs product

Monthly

CVE-2024-0560 MEDIUM PATCH This Month

A vulnerability was found in 3Scale, when used with Keycloak 15 (or RHSSO 7.5.0) and superiors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure 3Scale
NVD GitHub
CVSS 3.1
4.3
EPSS
0.5%
CVE-2021-3412 HIGH This Week

It was found that all versions of 3Scale developer portal lacked brute force protections. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass 3Scale 3Scale Api Management
NVD
CVSS 3.1
7.3
EPSS
0.8%
CVE-2020-10711 MEDIUM PATCH This Month

A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Linux Null Pointer Dereference Denial Of Service Linux Kernel 3Scale +9
NVD
CVSS 3.1
5.9
EPSS
3.1%
CVE-2019-14849 MEDIUM This Month

A vulnerability was found in 3scale before version 2.6, did not set the HTTPOnly attribute on the user session cookie. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS 3Scale
NVD
CVSS 3.1
5.4
EPSS
0.5%
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

A vulnerability was found in 3Scale, when used with Keycloak 15 (or RHSSO 7.5.0) and superiors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure 3Scale
NVD GitHub
EPSS 1% CVSS 7.3
HIGH This Week

It was found that all versions of 3Scale developer portal lacked brute force protections. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass 3Scale 3Scale Api Management
NVD
EPSS 3% CVSS 5.9
MEDIUM PATCH This Month

A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Linux Null Pointer Dereference Denial Of Service +11
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

A vulnerability was found in 3scale before version 2.6, did not set the HTTPOnly attribute on the user session cookie. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS 3Scale
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy