Skip to main content

Nakama

2 CVEs product

Monthly

CVE-2022-2321 Go CRITICAL POC PATCH Act Now

Improper Restriction of Excessive Authentication Attempts in GitHub repository heroiclabs/nakama prior to 3.13.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Nakama
NVD GitHub
CVSS 3.1
9.8
EPSS
1.5%
CVE-2022-2306 Go HIGH POC PATCH This Week

Old session tokens can be used to authenticate to the application and send authenticated requests. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Nakama
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
EPSS 1% CVSS 9.8
CRITICAL POC PATCH Act Now

Improper Restriction of Excessive Authentication Attempts in GitHub repository heroiclabs/nakama prior to 3.13.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Nakama
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC PATCH This Week

Old session tokens can be used to authenticate to the application and send authenticated requests. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Nakama
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy