Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Konga Security Vulnerabilities

cve
cve

CVE-2021-42192

Konga v0.14.9 is affected by an incorrect access control vulnerability where a specially crafted request can lead to privilege escalation.

8.8CVSS

8.6AI Score

0.046EPSS

2022-05-04 11:15 AM
68
2
cve
cve

CVE-2023-2418

A vulnerability was found in Konga 2.8.3 on Kong. It has been classified as problematic. This affects an unknown part of the component Login API. The manipulation leads to insufficiently random values. The complexity of an attack is rather high. The exploitability is told to be difficult. The explo...

5.9CVSS

5.8AI Score

0.002EPSS

2023-04-29 01:15 AM
24
cve
cve

CVE-2023-26987

An issue discovered in Konga 0.14.9 allows remote attackers to manipulate user accounts regardless of privilege via crafted POST request.

6.5CVSS

6.5AI Score

0.001EPSS

2023-05-01 10:15 PM
20
cve
cve

CVE-2023-39846

An issue in Konga v0.14.9 allows attackers to bypass authentication via a crafted JWT token.

9.8CVSS

9.2AI Score

0.001EPSS

2023-08-16 10:15 PM
37