709 matches found
ROOT-APP-GOBINARY-CVE-2026-29785 CVE-2026-29785 in rootio-github.com/nats-io/nats-server/v2 - Patched by Root
Root has patched CVE-2026-29785 in the rootio-github.com/nats-io/nats-server/v2 package for Root:Go. Multiple fixed versions available...
ROOT-APP-GOBINARY-CVE-2026-27889 CVE-2026-27889 in rootio-github.com/nats-io/nats-server/v2 - Patched by Root
Root has patched CVE-2026-27889 in the rootio-github.com/nats-io/nats-server/v2 package for Root:Go. Multiple fixed versions available...
ROOT-APP-GOBINARY-CVE-2026-33217 CVE-2026-33217 in rootio-github.com/nats-io/nats-server/v2 - Patched by Root
Root has patched CVE-2026-33217 in the rootio-github.com/nats-io/nats-server/v2 package for Root:Go. Multiple fixed versions available...
ROOT-APP-GOBINARY-CVE-2026-33248 CVE-2026-33248 in rootio-github.com/nats-io/nats-server/v2 - Patched by Root
Root has patched CVE-2026-33248 in the rootio-github.com/nats-io/nats-server/v2 package for Root:Go. Multiple fixed versions available...
ROOT-APP-GOBINARY-CVE-2026-33216 CVE-2026-33216 in rootio-github.com/nats-io/nats-server/v2 - Patched by Root
Root has patched CVE-2026-33216 in the rootio-github.com/nats-io/nats-server/v2 package for Root:Go. Multiple fixed versions available...
ROOT-APP-GOBINARY-CVE-2026-33222 CVE-2026-33222 in rootio-github.com/nats-io/nats-server/v2 - Patched by Root
Root has patched CVE-2026-33222 in the rootio-github.com/nats-io/nats-server/v2 package for Root:Go. Multiple fixed versions available...
ROOT-APP-GOBINARY-CVE-2026-33223 CVE-2026-33223 in rootio-github.com/nats-io/nats-server/v2 - Patched by Root
Root has patched CVE-2026-33223 in the rootio-github.com/nats-io/nats-server/v2 package for Root:Go. Multiple fixed versions available...
ROOT-APP-GOBINARY-CVE-2026-33249 CVE-2026-33249 in rootio-github.com/nats-io/nats-server/v2 - Patched by Root
Root has patched CVE-2026-33249 in the rootio-github.com/nats-io/nats-server/v2 package for Root:Go. Multiple fixed versions available...
ROOT-APP-GOBINARY-CVE-2026-33246 CVE-2026-33246 in rootio-github.com/nats-io/nats-server/v2 - Patched by Root
Root has patched CVE-2026-33246 in the rootio-github.com/nats-io/nats-server/v2 package for Root:Go. Multiple fixed versions available...
ROOT-APP-GOBINARY-CVE-2026-33218 CVE-2026-33218 in rootio-github.com/nats-io/nats-server/v2 - Patched by Root
Root has patched CVE-2026-33218 in the rootio-github.com/nats-io/nats-server/v2 package for Root:Go. Multiple fixed versions available...
ROOT-APP-GOBINARY-CVE-2026-33215 CVE-2026-33215 in rootio-github.com/nats-io/nats-server/v2 - Patched by Root
Root has patched CVE-2026-33215 in the rootio-github.com/nats-io/nats-server/v2 package for Root:Go. Multiple fixed versions available...
ROOT-APP-GOBINARY-CVE-2026-33247 CVE-2026-33247 in rootio-github.com/nats-io/nats-server/v2 - Patched by Root
Root has patched CVE-2026-33247 in the rootio-github.com/nats-io/nats-server/v2 package for Root:Go. Multiple fixed versions available...
ROOT-APP-GOBINARY-CVE-2026-33219 CVE-2026-33219 in rootio-github.com/nats-io/nats-server/v2 - Patched by Root
Root has patched CVE-2026-33219 in the rootio-github.com/nats-io/nats-server/v2 package for Root:Go. Multiple fixed versions available...
EUVD-2026-34193
A network man-in-the-middle between nats-sync and the BOSH director can steal the director credentials Basic auth header or UAA client secret and can tamper with the VM list that is written into the NATS authorization file. Stolen credentials grant administrative director access...
CVE-2026-41859
A network man-in-the-middle between nats-sync and the BOSH director can steal the director credentials Basic auth header or UAA client secret and can tamper with the VM list that is written into the NATS authorization file. Stolen credentials grant administrative director access...
CVE-2026-41859
CVE-2026-41859 describes a man-in-the-middle between nats-sync and the BOSH director that can steal director credentials (Basic auth header or UAA client secret) and tamper with the VM list written into the NATS authorization file. Stolen credentials grant administrative director access. The issu...
Cloud Foundry BOSH 安全漏洞
Cloud Foundry BOSH is a cloud infrastructure automation platform developed by the US-based Cloud Foundry company. All versions of Cloud Foundry BOSH, as well as previous versions, have security vulnerabilities. These vulnerabilities stem from man-in-the-middle attacks between nats-sync and BOSH...
CVE-2026-41859 - Missing TLS in NATS sync | Cloud Foundry
CVSS Score: High 7.1 CVSSv4: High 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:L/VA:N/SC:H/SI:H/SA:H CVSSv3: High 7.8 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Vendor Cloudfoundry Foundation / BOSH Versions Affected Severity is High unless otherwise noted. BOSH – All versions prior to v282.1....
CVE-2026-41704
AgentClienthandlemethod lines 264-303 processes every NATS reply. It calls injectcompilelog line 273 on every response, which reads response'value''result''compilelogid' line 332-338 and passes it to downloadanddeleteblob. Separately, any response containing 'exception' goes through formatexcepti...
EUVD-2026-32108
AgentClienthandlemethod lines 264-303 processes every NATS reply. It calls injectcompilelog line 273 on every response, which reads response'value''result''compilelogid' line 332-338 and passes it to downloadanddeleteblob. Separately, any response containing 'exception' goes through formatexcepti...