VYPR

Microcks

by Microcks

Source repositories

CVEs (2)

  • CVE-2024-44076Aug 19, 2024
    risk 0.00cvss epss 0.01

    In Microcks before 1.10.0, the POST /api/import and POST /api/export endpoints allow non-administrator access.

  • CVE-2023-48910Dec 4, 2023
    risk 0.00cvss epss 0.01

    Microcks up to 1.17.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /jobs and /artifact/download. This vulnerability allows attackers to access network resources and sensitive information via a crafted GET request.