VYPR

Kong

by Kong

CVEs (2)

  • CVE-2023-2418Apr 29, 2023
    risk 0.00cvss epss 0.01

    A vulnerability was found in Konga 2.8.3 on Kong. It has been classified as problematic. This affects an unknown part of the component Login API. The manipulation leads to insufficiently random values. The complexity of an attack is rather high. The exploitability is told to be…

  • CVE-2020-35189Dec 17, 2020
    risk 0.00cvss epss 0.02

    The official kong docker images before 1.0.2-alpine (Alpine specific) contain a blank password for a root user. System using the kong docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access with a blank password.