exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2022-29946

больше 1 года назад

NATS.io NATS Server before 2.8.2 and Streaming Server before 0.24.6 could allow a remote attacker to bypass security restrictions, caused by the failure to enforce negative user permissions in one scenario. By using a queue subscription on the wildcard, an attacker could exploit this vulnerability to allow denied subjects.

CVSS3: 6.3

EPSS: Низкий

CVE-2022-29946

больше 1 года назад

NATS.io NATS Server before 2.8.2 and Streaming Server before 0.24.6 could allow a remote attacker to bypass security restrictions, caused by the failure to enforce negative user permissions in one scenario. By using a queue subscription on the wildcard, an attacker could exploit this vulnerability to allow denied subjects.

CVSS3: 5.4

EPSS: Низкий

CVE-2022-29946

больше 1 года назад

NATS.io NATS Server before 2.8.2 and Streaming Server before 0.24.6 could allow a remote attacker to bypass security restrictions, caused by the failure to enforce negative user permissions in one scenario. By using a queue subscription on the wildcard, an attacker could exploit this vulnerability to allow denied subjects.

CVSS3: 6.3

EPSS: Низкий

CVE-2022-29946

больше 1 года назад

NATS.io NATS Server before 2.8.2 and Streaming Server before 0.24.6 co ...

CVSS3: 6.3

EPSS: Низкий

GHSA-2h2x-8hh2-mfq8

больше 1 года назад

NATS Server and Streaming Server fails to enforce negative user permissions, may allow denied subjects

CVSS3: 6.5

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2022-29946 NATS.io NATS Server before 2.8.2 and Streaming Server before 0.24.6 could allow a remote attacker to bypass security restrictions, caused by the failure to enforce negative user permissions in one scenario. By using a queue subscription on the wildcard, an attacker could exploit this vulnerability to allow denied subjects.	CVSS3: 6.3	0% Низкий	больше 1 года назад
CVE-2022-29946 NATS.io NATS Server before 2.8.2 and Streaming Server before 0.24.6 could allow a remote attacker to bypass security restrictions, caused by the failure to enforce negative user permissions in one scenario. By using a queue subscription on the wildcard, an attacker could exploit this vulnerability to allow denied subjects.	CVSS3: 5.4	0% Низкий	больше 1 года назад
CVE-2022-29946 NATS.io NATS Server before 2.8.2 and Streaming Server before 0.24.6 could allow a remote attacker to bypass security restrictions, caused by the failure to enforce negative user permissions in one scenario. By using a queue subscription on the wildcard, an attacker could exploit this vulnerability to allow denied subjects.	CVSS3: 6.3	0% Низкий	больше 1 года назад
CVE-2022-29946 NATS.io NATS Server before 2.8.2 and Streaming Server before 0.24.6 co ...	CVSS3: 6.3	0% Низкий	больше 1 года назад
GHSA-2h2x-8hh2-mfq8 NATS Server and Streaming Server fails to enforce negative user permissions, may allow denied subjects	CVSS3: 6.5	0% Низкий	больше 1 года назад

Уязвимостей на страницу