Vulnerabilities (CVE)

Filtered by vendor Microcks Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-48910 1 Microcks 1 Microcks 2024-10-15 N/A 9.8 CRITICAL
Microcks up to 1.17.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /jobs and /artifact/download. This vulnerability allows attackers to access network resources and sensitive information via a crafted GET request.
CVE-2024-44076 1 Microcks 1 Microcks 2024-08-21 N/A 9.8 CRITICAL
In Microcks before 1.10.0, the POST /api/import and POST /api/export endpoints allow non-administrator access.