3 matches found
CVE-2022-1561
The CVE-2022-1561 issue concerns Lura and KrakenD-CE before 2.0.2 and KrakenD-EE before 2.0.0 where URL parameters aren’t sanitized, enabling a crafted URL to alter the backend URL defined for a pipe. The vulnerability does not affect KrakenD itself, but the consumed backend may be vulnerable. Re...
CVE-2022-1561 Crafted backend URLs in Lura Project
Lura and KrakenD-CE versions older than v2.0.2 and KrakenD-EE versions older than v2.0.0 do not sanitize URL parameters correctly, allowing a malicious user to alter the backend URL defined for a pipe when remote users send crafty URL requests. The vulnerability does not affect KrakenD itself, bu...
CVE-2022-1561
Lura and KrakenD-CE versions older than v2.0.2 and KrakenD-EE versions older than v2.0.0 do not sanitize URL parameters correctly, allowing a malicious user to alter the backend URL defined for a pipe when remote users send crafty URL requests. The vulnerability does not affect KrakenD itself, bu...