GO-2022-0852 Integer Overflow or Wraparound in NATS Server in github.com/nats-io/nats-server

Integer Overflow or Wraparound in NATS Server in github.com/nats-io/nats-server...

GO-2022-0398 Import loops in account imports, nats-server DoS in github.com/nats-io/nats-server

Import loops in account imports, nats-server DoS in github.com/nats-io/nats-server...

Improper TLS Ciphers Configuration

github.com/nats-io/nats-server/ is vulnerable to Improper TLS Ciphers Configuration. The vulnerability is due to the loss of restricted ciphersuite settings when using CLI options to set a key/cert for TLS, enabling all ciphersuites supported by Go by default...

Denial of service in github.com/nats-io/nats-server/server

This affects all versions of package github.com/nats-io/nats-server/server. Untrusted accounts are able to crash the server using configs that represent a service export/import cycles. Disclaimer from the maintainers - Running a NATS service which is exposed to untrusted users presents a heighten...

CVE-2020-28466

This affects all versions of package github.com/nats-io/nats-server/server. Untrusted accounts are able to crash the server using configs that represent a service export/import cycles. Disclaimer from the maintainers: Running a NATS service which is exposed to untrusted users presents a heightene...