VYPR

Maven package

io.apiman/apiman-manager-api-rest-impl

pkg:maven/io.apiman/apiman-manager-api-rest-impl

Vulnerabilities (2)

  • CVE-2023-28640Mar 27, 2023
    affected < 3.1.0.Finalfixed 3.1.0.Final

    Apiman is a flexible and open source API Management platform. Due to a missing permissions check, an attacker with an authenticated Apiman Manager account may be able to gain access to API keys they do not have permission for if they correctly guess the URL, which includes Organi

  • CVE-2022-47551Dec 19, 2022
    affected >= 1.5.7, < 3.0.0.Finalfixed 3.0.0.Final

    Apiman 1.5.7 through 2.2.3.Final has insufficient checks for read permissions within the Apiman Manager REST API. The root cause of the issue is the Apiman project's accidental acceptance of a large contribution that was not fully compatible with the security model of Apiman vers