Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Dapr Security Vulnerabilities

cve
cve

CVE-2024-35223

Dapr is a portable, event-driven, runtime for building distributed applications across cloud and edge. Dapr sends the app token of the invoker app instead of the app token of the invoked app. This causes of a leak of the application token of the invoker app to the invoked app when using Dapr as a.....

5.3CVSS

7.1AI Score

0.0004EPSS

2024-05-23 09:15 AM
62
cve
cve

CVE-2023-37918

Dapr is a portable, event-driven, runtime for building distributed applications across cloud and edge. A vulnerability has been found in Dapr that allows bypassing API token authentication, which is used by the Dapr sidecar to authenticate calls coming from the application, with a well-crafted...

7.5CVSS

7.5AI Score

0.001EPSS

2023-07-21 09:15 PM
2375
cve
cve

CVE-2022-38817

Dapr Dashboard v0.1.0 through v0.10.0 is vulnerable to Incorrect Access Control that allows attackers to obtain sensitive...

7.5CVSS

7.3AI Score

0.013EPSS

2022-10-03 01:15 PM
37
6