15 matches found
CVE-2026-3206
Improper Resource Shutdown or Release vulnerability in KrakenD, SLU KrakenD-CE CircuitBreaker modules, KrakenD, SLU KrakenD-EE CircuitBreaker modules. This issue affects KrakenD-CE: before 2.13.1; KrakenD-EE: before 2.12.5...
CVE-2026-3206
Improper Resource Shutdown or Release vulnerability in KrakenD, SLU KrakenD-CE CircuitBreaker modules, KrakenD, SLU KrakenD-EE CircuitBreaker modules. This issue affects KrakenD-CE: before 2.13.1; KrakenD-EE: before 2.12.5...
CVE-2026-3206 Improper management of context cancelations
Improper Resource Shutdown or Release vulnerability in KrakenD, SLU KrakenD-CE CircuitBreaker modules, KrakenD, SLU KrakenD-EE CircuitBreaker modules. This issue affects KrakenD-CE: before 2.13.1; KrakenD-EE: before 2.12.5...
CVE-2026-3206
The CVE-2026-3206 entry details an Improper Resource Shutdown or Release vulnerability in KrakenD products. Affected: KrakenD-CE (CircuitBreaker modules) prior to 2.13.1; KrakenD-EE (CircuitBreaker modules) prior to 2.12.5. Impact and exploit details are not fully provided beyond the vulnerabilit...
KrakenD 安全漏洞
KrakenD is an open-source, scalable high-performance API gateway developed by KrakenD. It helps you easily adopt microservices and secure communication. There were security vulnerabilities in versions of KrakenD prior to 2.13.1 and KrakenD-EE prior to 2.12.5. These vulnerabilities stemmed from...
PT-2026-21928
Name of the Vulnerable Software and Affected Versions KrakenD-CE versions prior to 2.13.1 KrakenD-EE versions prior to 2.13.0 Description An improper resource shutdown or release issue exists in KrakenD, specifically within the CircuitBreaker modules of both KrakenD-CE and KrakenD-EE. The issue...
EUVD-2022-24853
Malicious code in bioql PyPI...
CVE-2022-1561
Lura and KrakenD-CE versions older than v2.0.2 and KrakenD-EE versions older than v2.0.0 do not sanitize URL parameters correctly, allowing a malicious user to alter the backend URL defined for a pipe when remote users send crafty URL requests. The vulnerability does not affect KrakenD itself, bu...
CVE-2022-1561
Lura and KrakenD-CE versions older than v2.0.2 and KrakenD-EE versions older than v2.0.0 do not sanitize URL parameters correctly, allowing a malicious user to alter the backend URL defined for a pipe when remote users send crafty URL requests. The vulnerability does not affect KrakenD itself, bu...
Code injection
Lura and KrakenD-CE versions older than v2.0.2 and KrakenD-EE versions older than v2.0.0 do not sanitize URL parameters correctly, allowing a malicious user to alter the backend URL defined for a pipe when remote users send crafty URL requests. The vulnerability does not affect KrakenD itself, bu...
CVE-2022-1561 Crafted backend URLs in Lura Project
Lura and KrakenD-CE versions older than v2.0.2 and KrakenD-EE versions older than v2.0.0 do not sanitize URL parameters correctly, allowing a malicious user to alter the backend URL defined for a pipe when remote users send crafty URL requests. The vulnerability does not affect KrakenD itself, bu...
CVE-2022-1561
The CVE-2022-1561 issue concerns Lura and KrakenD-CE before 2.0.2 and KrakenD-EE before 2.0.0 where URL parameters aren’t sanitized, enabling a crafted URL to alter the backend URL defined for a pipe. The vulnerability does not affect KrakenD itself, but the consumed backend may be vulnerable. Re...
Lura和KrakenD 安全漏洞
Lura is Lura Project open source an ultra-high-performance API gateway and middleware assembled together open framework.KrakenD is KrakenD open source a scalable ultra-high-performance API gateway. Helps you easily adopt microservices and secure communications. A security vulnerability exists in...
PT-2022-13961 · Unknown +1 · Krakend-Ce +2
Name of the Vulnerable Software and Affected Versions: Lura versions prior to 2.0.2 KrakenD-CE versions prior to 2.0.2 KrakenD-EE versions prior to 2.0.0 Description: The issue arises from incorrect sanitization of URL parameters, allowing malicious users to alter the backend URL defined for a pi...
CVE-2022-1561
Lura and KrakenD-CE versions older than v2.0.2 and KrakenD-EE versions older than v2.0.0 do not sanitize URL parameters correctly, allowing a malicious user to alter the backend URL defined for a pipe when remote users send crafty URL requests. The vulnerability does not affect KrakenD itself, bu...