Filtered by vendor Microcks
Subscribe
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-48910 | 1 Microcks | 1 Microcks | 2024-11-21 | N/A | 9.8 CRITICAL |
| Microcks up to 1.17.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /jobs and /artifact/download. This vulnerability allows attackers to access network resources and sensitive information via a crafted GET request. | |||||
| CVE-2024-44076 | 1 Microcks | 1 Microcks | 2024-08-21 | N/A | 9.8 CRITICAL |
| In Microcks before 1.10.0, the POST /api/import and POST /api/export endpoints allow non-administrator access. | |||||