Microcks
by Microcks
Source repositories
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-44076 | 0.00 | — | 0.01 | Aug 19, 2024 | In Microcks before 1.10.0, the POST /api/import and POST /api/export endpoints allow non-administrator access. | |||
| CVE-2023-48910 | 0.00 | — | 0.01 | Dec 4, 2023 | Microcks up to 1.17.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /jobs and /artifact/download. This vulnerability allows attackers to access network resources and sensitive information via a crafted GET request. |
- CVE-2024-44076Aug 19, 2024risk 0.00cvss —epss 0.01
In Microcks before 1.10.0, the POST /api/import and POST /api/export endpoints allow non-administrator access.
- CVE-2023-48910Dec 4, 2023risk 0.00cvss —epss 0.01
Microcks up to 1.17.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /jobs and /artifact/download. This vulnerability allows attackers to access network resources and sensitive information via a crafted GET request.