Microcks

microcks

2 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Microcks

microcks

2 CVEs

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-44076 1Microcks 1Microcks Aug 21, 2024 Aug 19, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 In Microcks before 1.10.0, the POST /api/import and POST /api/export endpoints allow non-administrator access.
CVE-2023-48910 1Microcks 1Microcks Nov 21, 2024 Dec 4, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Microcks up to 1.17.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /jobs and /artifact/download. This vulnerability allows attackers to access network resources and sensitive informati...Show more Microcks up to 1.17.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /jobs and /artifact/download. This vulnerability allows attackers to access network resources and sensitive information via a crafted GET request.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2024-44076

1Microcks

Aug 21, 2024

Aug 19, 2024

N/A· v4

9.8 CRITICAL· v3

N/A· v2

In Microcks before 1.10.0, the POST /api/import and POST /api/export endpoints allow non-administrator access.

CVE-2023-48910

1Microcks

Nov 21, 2024

Dec 4, 2023

N/A· v4

9.8 CRITICAL· v3

N/A· v2

Microcks up to 1.17.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /jobs and /artifact/download. This vulnerability allows attackers to access network resources and sensitive informati...Show more