Lucene search
Veracode Vulnerability DatabaseVERACODE:30641HistoryMay 24, 2021 - 9:24 a.m.
Insecure Session Management
2021-05-2409:24:55
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
0.002 Low
EPSS
Percentile
53.5%
github.com/nats-io/nats-server uses an insecure session management. Expired credentials are not properly handled,
| CPE | Name | Operator | Version |
|---|---|---|---|
| github.com/nats-io/nats-server | le | v2.1.8 | |
| github.com/nats-io/nats-server | le | v2.1.8 |
References
github.com/nats-io/nats-server/commit/1e08b67f08e18cd844dce833a265aaa72500a12f
github.com/nats-io/nats-server/commits/master
github.com/nats-io/nats-server/pull/1632
github.com/nats-io/nats-server/security/advisories/GHSA-2c64-vj8g-vwrq
lists.fedoraproject.org/archives/list/[email protected]/message/VT67XCLIIBYRT762SVFBYFFTQFVSM3SI/
www.openwall.com/lists/oss-security/2020/11/02/2
Related
osv
osv
CVE-2020-26892
2020-11-06 08:15:13
Incorrect handling of credential expiry by /nats-io/nats-server
2022-02-11 23:42:20
Incorrect handling of credential expiry in github.com/nats-io/jwt
2022-07-15 23:29:36
debiancve
debiancve
CVE-2020-26892
2020-11-06 08:15:13
cvelist
cvelist
CVE-2020-26892
2020-11-06 07:36:45
nvd
nvd
CVE-2020-26892
2020-11-06 08:15:13
ubuntucve
ubuntucve
CVE-2020-26892
2020-11-06 00:00:00
github
github
Incorrect handling of credential expiry by /nats-io/nats-server
2021-05-21 16:11:49
Incorrect handling of credential expiry by /nats-io/nats-server
2022-02-11 23:42:20
prion
prion
Code injection
2020-11-06 08:15:00
cve
cve
CVE-2020-26892
2020-11-06 08:15:13
fedora
fedora
[SECURITY] Fedora 33 Update: nats-server-2.1.9-1.fc33
2021-01-04 01:08:19
nessus
nessus
Fedora 33 : nats-server (2020-2c8851d48b)
2021-01-04 00:00:00
openvas
openvas
Fedora: Security Advisory for nats-server (FEDORA-2020-2c8851d48b)
2021-01-11 00:00:00
