Skip to main content

Nats Streaming Server

2 CVEs product

Monthly

CVE-2022-26652 Go MEDIUM PATCH This Month

NATS nats-server before 2.7.4 allows Directory Traversal (with write access) via an element in a ZIP archive for JetStream streams. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Nats Server Nats Streaming Server
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-24450 Go HIGH PATCH This Week

NATS nats-server before 2.7.2 has Incorrect Access Control. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass Nats Server Nats Streaming Server
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.5%
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

NATS nats-server before 2.7.4 allows Directory Traversal (with write access) via an element in a ZIP archive for JetStream streams. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Nats Server Nats Streaming Server
NVD GitHub VulDB
EPSS 1% CVSS 8.8
HIGH PATCH This Week

NATS nats-server before 2.7.2 has Incorrect Access Control. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass Nats Server Nats Streaming Server
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy