DEBIAN-CVE-2022-29946

NATS.io NATS Server before 2.8.2 and Streaming Server before 0.24.6 could allow a remote attacker to bypass security restrictions, caused by the failure to enforce negative user permissions in one scenario. By using a queue subscription on the wildcard, an attacker could exploit this vulnerabilit...

PT-2024-11549 · Unknown · Nats Server +1

Name of the Vulnerable Software and Affected Versions: NATS Server versions prior to 2.8.2 NATS Streaming Server versions prior to 0.24.6 Description: The issue is caused by the failure to enforce negative user permissions in one scenario, allowing a remote attacker to bypass security restriction...