VYPR

Dapr

by Dapr

Source repositories

CVEs (3)

  • CVE-2026-41491HigMay 8, 2026
    risk 0.46cvss 8.1epss 0.00

    Dapr is a portable, event-driven, runtime for building distributed applications across cloud and edge. From versions 1.3.0 to before 1.15.14, 1.16.0-rc.1 to before 1.16.14, and 1.17.0-rc.1 to before 1.17.5, a vulnerability has been found in Dapr that allows bypassing access…

  • CVE-2024-35223MedMay 23, 2024
    risk 0.27cvss 5.3epss 0.00

    Dapr is a portable, event-driven, runtime for building distributed applications across cloud and edge. Dapr sends the app token of the invoker app instead of the app token of the invoked app. This causes of a leak of the application token of the invoker app to the invoked app…

  • CVE-2023-37918Jul 21, 2023
    risk 0.00cvss epss 0.01

    Dapr is a portable, event-driven, runtime for building distributed applications across cloud and edge. A vulnerability has been found in Dapr that allows bypassing API token authentication, which is used by the Dapr sidecar to authenticate calls coming from the application, with…