Maven package
io.apiman/apiman-manager-api-rest-impl
pkg:maven/io.apiman/apiman-manager-api-rest-impl
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-28640 | — | < 3.1.0.Final | 3.1.0.Final | Mar 27, 2023 | Apiman is a flexible and open source API Management platform. Due to a missing permissions check, an attacker with an authenticated Apiman Manager account may be able to gain access to API keys they do not have permission for if they correctly guess the URL, which includes Organi | ||
| CVE-2022-47551 | — | >= 1.5.7, < 3.0.0.Final | 3.0.0.Final | Dec 19, 2022 | Apiman 1.5.7 through 2.2.3.Final has insufficient checks for read permissions within the Apiman Manager REST API. The root cause of the issue is the Apiman project's accidental acceptance of a large contribution that was not fully compatible with the security model of Apiman vers |
- CVE-2023-28640Mar 27, 2023affected < 3.1.0.Finalfixed 3.1.0.Final
Apiman is a flexible and open source API Management platform. Due to a missing permissions check, an attacker with an authenticated Apiman Manager account may be able to gain access to API keys they do not have permission for if they correctly guess the URL, which includes Organi
- CVE-2022-47551Dec 19, 2022affected >= 1.5.7, < 3.0.0.Finalfixed 3.0.0.Final
Apiman 1.5.7 through 2.2.3.Final has insufficient checks for read permissions within the Apiman Manager REST API. The root cause of the issue is the Apiman project's accidental acceptance of a large contribution that was not fully compatible with the security model of Apiman vers