VYPR
Vendor

ExpressGateway

Products
1
CVEs
3
Across products
3
Status
Private

Products

1

Recent CVEs

3
  • CVE-2020-29579CriDec 8, 2020
    risk 0.64cvss 9.8epss 0.02

    The official Express Gateway Docker images before 1.14.0 contain a blank password for a root user. Systems using the Express Gateway Docker container deployed by affected versions of the Docker image may allow an remote attacker to achieve root access.

  • CVE-2025-9096LowAug 18, 2025
    risk 0.23cvss 3.5epss 0.00

    A vulnerability has been found in ExpressGateway express-gateway up to 1.16.10. Affected is an unknown function in the library lib/rest/routes/apps.js of the component REST Endpoint. The manipulation leads to cross site scripting. It is possible to launch the attack remotely.…

  • CVE-2025-9095LowAug 17, 2025
    risk 0.23cvss 3.5epss 0.00

    A flaw has been found in ExpressGateway express-gateway up to 1.16.10. This issue affects some unknown processing in the library lib/rest/routes/users.js of the component REST Endpoint. The manipulation leads to cross site scripting. The attack may be initiated remotely. The…