559 matches found
CVE-2020-28466 Denial of Service (DoS)
This affects all versions of package github.com/nats-io/nats-server/server. Untrusted accounts are able to crash the server using configs that represent a service export/import cycles. Disclaimer from the maintainers: Running a NATS service which is exposed to untrusted users presents a heightene...
CVE-2020-28466
This affects all versions of package github.com/nats-io/nats-server/server. Untrusted accounts are able to crash the server using configs that represent a service export/import cycles. Disclaimer from the maintainers: Running a NATS service which is exposed to untrusted users presents a heightene...
CVE-2020-28466
CVE-2020-28466 affects the nats-server component at github.com/nats-io/nats-server/server. The issue arises from an export/import cycle between accounts that untrusted users can trigger, causing the server to crash (denial of service) by consuming CPU/memory. Connected advisories indicate the 2.x...
Waldemar Quevedo nats-server 安全漏洞
Waldemar Quevedo nats-server is Waldemar Quevedo an open source application. A simple, secure and high performance communication system for digital systems, services and devices. github.com/nats-io/nats-server/server A security vulnerability exists in all versions of nats-server, which stems from...
Fedora: Security Advisory for nats-server (FEDORA-2020-2c8851d48b)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 33 Update: nats-server-2.1.9-1.fc33
A High Performance NATS Server written in Go and hosted by the Cloud Native Computing Foundation CNCF...
Fedora 33 : nats-server (2020-2c8851d48b)
Update to 2.1.9 Security fix for CVE-2020-26892 Security fix for CVE-2020-26521 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...
Denial of Service (DoS)
Overview github.com/nats-io/nats-server/server is an A simple, secure and performant communications system for digital systems, services and devices. Affected versions of this package are vulnerable to Denial of Service DoS. Untrusted accounts are able to crash the server using configs that...
Denial of Service (DoS)
Overview github.com/nats-io/nats-server/v2/server is an A simple, secure and performant communications system for digital systems, services and devices. Affected versions of this package are vulnerable to Denial of Service DoS. Untrusted accounts are able to crash the server using configs that...
PT-2020-5727 · Nats.Io · Nats Server
Name of the Vulnerable Software and Affected Versions: github.com/nats-io/nats-server/server versions prior to a fixed version Description: The issue is related to an uncontrolled resource consumption in the NATS messaging system server. This can be exploited by a remote attacker to cause a denia...
Denial Of Service (DoS)
github.com/nats-io/nats-server is vulnerable to denial of service DoS. An attacker can cause an application to crash by sending a malicious JWT...
CVE-2020-26892
The JWT library in NATS nats-server before 2.1.9 has Incorrect Access Control because of how expired credentials are handled...
CVE-2020-26521
The JWT library in NATS nats-server before 2.1.9 allows a denial of service a nil dereference in Go code...
CVE-2020-26892
The JWT library in NATS nats-server before 2.1.9 has Incorrect Access Control because of how expired credentials are handled...
DEBIAN-CVE-2020-26892
The JWT library in NATS nats-server before 2.1.9 has Incorrect Access Control because of how expired credentials are handled...
DEBIAN-CVE-2020-26521
The JWT library in NATS nats-server before 2.1.9 allows a denial of service a nil dereference in Go code...
CVE-2020-26521
The JWT library in NATS nats-server before 2.1.9 allows a denial of service a nil dereference in Go code...
Code injection
The JWT library in NATS nats-server before 2.1.9 allows a denial of service a nil dereference in Go code...
Code injection
The JWT library in NATS nats-server before 2.1.9 has Incorrect Access Control because of how expired credentials are handled...
CVE-2020-26521
The JWT library in NATS nats-server before 2.1.9 allows a denial of service a nil dereference in Go code...