CVE-2020-26521

🗓️ 06 Nov 2020 08:13:15Reported by mitreType

The JWT library in NATS nats-server before 2.1.9 allows a denial of service (a nil dereferenc

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 17
UbuntuCve	CVE-2020-26521	6 Nov 202000:00	–	ubuntucve
Prion	Code injection	6 Nov 202008:15	–	prion
Cvelist	CVE-2020-26521	6 Nov 202007:35	–	cvelist
NVD	CVE-2020-26521	6 Nov 202008:15	–	nvd
OSV	UBUNTU-CVE-2020-26521	6 Nov 202008:15	–	osv
OSV	GHSA-H2FG-54X9-5QHQ Nil dereference in NATS JWT, DoS of nats-server	11 Feb 202223:43	–	osv
OSV	CGA-9CW7-WF97-9XRJ	6 Jun 202412:25	–	osv
OSV	CVE-2020-26521	6 Nov 202008:15	–	osv
OSV	GO-2022-0402 Panic in NATS JWT decoding in github.com/nats-io/jwt	1 Jul 202220:10	–	osv
OSV	GHSA-HMM9-R2M2-QG9W Nil dereference in NATS JWT causing DoS of nats-server	21 May 202116:22	–	osv

Nvd

Node

linuxfoundation nats-serverRange<2.1.9

Node

fedoraproject fedoraMatch33

Source	Link
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VT67XCLIIBYRT762SVFBYFFTQFVSM3SI/
github	www.github.com/nats-io/nats-server/commits/master
openwall	www.openwall.com/lists/oss-security/2020/11/02/2

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

06 Nov 2020 08:15Current

7.2High risk

Vulners AI Score7.2

CVSS25

CVSS37.5

EPSS0.00682

CWE-476