Lucene search
GoogleOSV:BIT-NATS-2021-3127HistoryMar 06, 2024 - 10:58 a.m.
BIT-nats-2021-3127
2024-03-0610:58:33
Google
osv.dev
1
nats server
jwt library
access control
import token
security issue
NATS Server 2.x before 2.2.0 and JWT library before 2.0.1 have Incorrect Access Control because Import Token bindings are mishandled.
References
Related
github
github
nats-io/jwt not enforcing checking of Import token permissions
2022-02-15 00:42:28
veracode
veracode
Insecure Token Permissions
2021-05-24 08:04:24
cvelist
cvelist
CVE-2021-3127
2021-03-16 19:55:10
prion
prion
Design/Logic Flaw
2021-03-16 20:15:00
osv
osv
CVE-2021-3127
2021-03-16 20:15:13
nats-io/jwt not enforcing checking of Import token permissions
2022-02-15 00:42:28
debiancve
debiancve
CVE-2021-3127
2021-03-16 20:15:00
redhatcve
redhatcve
CVE-2021-3127
2021-03-30 07:26:55
cve
cve
CVE-2021-3127
2021-03-16 20:15:00
ubuntucve
ubuntucve
CVE-2021-3127
2021-03-16 00:00:00