9 matches found
EUVD-2022-24853
Malicious code in bioql PyPI...
CVE-2022-1561
Lura and KrakenD-CE versions older than v2.0.2 and KrakenD-EE versions older than v2.0.0 do not sanitize URL parameters correctly, allowing a malicious user to alter the backend URL defined for a pipe when remote users send crafty URL requests. The vulnerability does not affect KrakenD itself, bu...
CVE-2022-1561
Lura and KrakenD-CE versions older than v2.0.2 and KrakenD-EE versions older than v2.0.0 do not sanitize URL parameters correctly, allowing a malicious user to alter the backend URL defined for a pipe when remote users send crafty URL requests. The vulnerability does not affect KrakenD itself, bu...
Code injection
Lura and KrakenD-CE versions older than v2.0.2 and KrakenD-EE versions older than v2.0.0 do not sanitize URL parameters correctly, allowing a malicious user to alter the backend URL defined for a pipe when remote users send crafty URL requests. The vulnerability does not affect KrakenD itself, bu...
CVE-2022-1561 Crafted backend URLs in Lura Project
Lura and KrakenD-CE versions older than v2.0.2 and KrakenD-EE versions older than v2.0.0 do not sanitize URL parameters correctly, allowing a malicious user to alter the backend URL defined for a pipe when remote users send crafty URL requests. The vulnerability does not affect KrakenD itself, bu...
CVE-2022-1561
The CVE-2022-1561 issue concerns Lura and KrakenD-CE before 2.0.2 and KrakenD-EE before 2.0.0 where URL parameters aren’t sanitized, enabling a crafted URL to alter the backend URL defined for a pipe. The vulnerability does not affect KrakenD itself, but the consumed backend may be vulnerable. Re...
Lura and KrakenD security vulnerability
Lura is an open-source framework from the Lura Project for assembling ultra-high-performance API gateways with middleware. KrakenD is a scalable, ultra-high-performance open-source API gateway from KrakenD that helps you easily adopt microservices and secure communications. A security vulnerability exists in...
PT-2022-13961 · Unknown +1 · Krakend-Ce +2
Name of the Vulnerable Software and Affected Versions: Lura versions prior to 2.0.2; KrakenD-CE versions prior to 2.0.2; KrakenD-EE versions prior to 2.0.0. Description: The issue arises from incorrect sanitization of URL parameters, allowing malicious users to alter the backend URL defined for a pi...
CVE-2022-1561
Lura and KrakenD-CE versions older than v2.0.2 and KrakenD-EE versions older than v2.0.0 do not sanitize URL parameters correctly, allowing a malicious user to alter the backend URL defined for a pipe when remote users send crafty URL requests. The vulnerability does not affect KrakenD itself, bu...