Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Unknown

CVE-2023-44487

Disclosure Date: October 10, 2023 (last updated June 28, 2024)
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
1
0
Attacker Value
Unknown

CVE-2021-27306

Disclosure Date: March 18, 2021 (last updated November 08, 2023)
An improper access control vulnerability in the JWT plugin in Kong Gateway prior to 2.3.2.0 allows unauthenticated users access to authenticated routes without a valid token JWT.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0