32 matches found
io.fabric8.apps:apiman (>=2.2.9.1 <=2.2.19), io.fabric8.apps:distro (>=2.2.7 <=2.2.19) +6 more potentially affected by CVE-2022-36437 via io.apiman:apiman-gateway-platforms-vertx (=1.1.3.CR1)
io.apiman:apiman-gateway-platforms-vertx MAVEN version =1.1.3.CR1 is affected by a known vulnerability. The following packages have a transitive dependency on io.apiman:apiman-gateway-platforms-vertx and may be impacted: - io.fabric8.apps:apiman =2.2.9.1, =2.2.7, =2.2.9.1, =2.2.7, =2.2.7, =2.1.2,...
Apiman Vert.x Gateway has Transitive Hazelcast connection caching issue
Impact If you are using the Apiman Vert.x Gateway prior to Apiman 3.0.0.Final, a connection caching issue in Hazelcast could allow an unauthenticated, remote attacker to access and manipulate data in the cluster with another authenticated connection's identity. Hazelcast is a transitive dependenc...
GHSA-54R5-WR8X-X5V3 Duplicate Advisory: Apiman has insufficient checks for read permissions
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-j94p-hv25-rm5g. This link is maintained to preserve external references. Original Description Apiman 1.5.7 through 2.2.3.Final has insufficient checks for read permissions within the Apiman Manager REST API. A...
Duplicate Advisory: Apiman has insufficient checks for read permissions
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-j94p-hv25-rm5g. This link is maintained to preserve external references. Original Description Apiman 1.5.7 through 2.2.3.Final has insufficient checks for read permissions within the Apiman Manager REST API. A...
CVE-2022-47551
Apiman 1.5.7 through 2.2.3.Final has insufficient checks for read permissions within the Apiman Manager REST API. The root cause of the issue is the Apiman project's accidental acceptance of a large contribution that was not fully compatible with the security model of Apiman versions before...
Design/Logic Flaw
Apiman 1.5.7 through 2.2.3.Final has insufficient checks for read permissions within the Apiman Manager REST API. The root cause of the issue is the Apiman project's accidental acceptance of a large contribution that was not fully compatible with the security model of Apiman versions before...
CVE-2022-47551
Apiman 1.5.7 through 2.2.3.Final has insufficient checks for read permissions within the Apiman Manager REST API. The root cause of the issue is the Apiman project's accidental acceptance of a large contribution that was not fully compatible with the security model of Apiman versions before...
Apiman 安全漏洞
Apiman is Apiman Open Source, a flexible open source API management platform for enterprise users. A security vulnerability exists in Apiman versions 1.5.7 through 2.2.3.Final, which stems from insufficient checking of read permissions in the Apiman Manager REST API...
CVE-2022-47551
Apiman 1.5.7 through 2.2.3.Final has insufficient checks for read permissions within the Apiman Manager REST API. The root cause of the issue is the Apiman project's accidental acceptance of a large contribution that was not fully compatible with the security model of Apiman versions before...
PT-2022-28075 · Apiman · Apiman
Name of the Vulnerable Software and Affected Versions: Apiman versions 1.5.7 through 2.2.3.Final Description: The issue is caused by insufficient checks for read permissions within the Apiman Manager REST API, allowing a malicious user to access private APIs they do not have permission for. This ...
CVE-2022-47551
Apiman 1.5.7 through 2.2.3.Final has insufficient checks for read permissions within the Apiman Manager REST API. The root cause of the issue is the Apiman project's accidental acceptance of a large contribution that was not fully compatible with the security model of Apiman versions before...
CVE-2022-47551
CVE-2022-47551 affects Apiman 1.5.7 through 2.2.3.Final, with insufficient checks for read permissions in the Apiman Manager REST API. Root cause is the project’s accidental acceptance of a large contribution not fully compatible with the security model prior to 3.0.0.Final, and versions from 3.0...