📦

nats_streaming_server

Vendor: nats

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 0 Remote Access

Total CVEs 4 Total Indexed

Avg. EPSS 0.67% Exploit Prob.

Latest CVE CVE-2022-26652 Mar 10

Security Vulnerability Index

Page 1 / 1

6.5 CVSS

CVE-2022-26652

NATS nats-server before 2.7.4 allows Directory Traversal (with write access) via an element in a ZIP archive for JetStream streams. nats-streaming-server before 0.24.3 is also affected.

EPSS: 0.68%

Severity: MEDIUM

Mar 10, 2022

8.8 CVSS

CVE-2022-24450

NATS nats-server before 2.7.2 has Incorrect Access Control. Any authenticated user can obtain the privileges of the System account by misusing the "dynamically provisioned sandbox accounts" feature.

EPSS: 0.65%

Severity: HIGH

Feb 08, 2022

Displaying 2 of 4 Total Entries

Total 1 Sections