Kong Alpine Docker Image
1 CVEs
product
Monthly
The official kong docker images before 1.0.2-alpine (Alpine specific) contain a blank password for a root user. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Docker
Authentication Bypass
Kong Alpine Docker Image
NVD
GitHub
CVSS 3.1
9.8
EPSS
2.2%
EPSS 2%
CVSS 9.8
CRITICAL
Act Now
The official kong docker images before 1.0.2-alpine (Alpine specific) contain a blank password for a root user. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Docker
Authentication Bypass
Kong Alpine Docker Image
NVD
GitHub