VYPR

Apiman

by Appian

Source repositories

CVEs (2)

  • CVE-2023-28640Mar 27, 2023
    risk 0.00cvss epss 0.00

    Apiman is a flexible and open source API Management platform. Due to a missing permissions check, an attacker with an authenticated Apiman Manager account may be able to gain access to API keys they do not have permission for if they correctly guess the URL, which includes…

  • CVE-2022-47551Dec 19, 2022
    risk 0.00cvss epss 0.01

    Apiman 1.5.7 through 2.2.3.Final has insufficient checks for read permissions within the Apiman Manager REST API. The root cause of the issue is the Apiman project's accidental acceptance of a large contribution that was not fully compatible with the security model of Apiman…