(This advisory is canonically ) ## Problem Description The NATS server provides for Subjects which are namespaced by Account; all Subjects are supposed to be private to an account, with an Export/Impo ...
Continue Reading
May 30, 2022
## Problem Description The NATS account system has an Operator trusted by the servers, which signs Accounts, and each Account can then create and sign Users within their account. The Operator should ...
Continue Reading
May 30, 2022
## Problem Description The NATS account system has an Operator trusted by the servers, which signs Accounts, and each Account can then create and sign Users within their account. The Operator should ...
Continue Reading
May 30, 2022
## Problem Description NATS nats-server through 2020-10-07 has Incorrect Access Control because of how expired credentials are handled. The NATS accounts system has expiration timestamps on credential ...
Continue Reading
May 30, 2022
## Problem Description NATS nats-server through 2020-10-07 has Incorrect Access Control because of how expired credentials are handled. The NATS accounts system has expiration timestamps on credential ...
Continue Reading
May 30, 2022
### Impact Several vulnerabilities have been reported in the `time` and `chrono` crates related to handling of calls to `localtime_r`. You can follow some of the discussions [here](https://github.com/ ...
Continue Reading
May 30, 2022
Envoy is an open source edge and service proxy, designed for cloud-native applications. In affected versions a crafted request crashes Envoy when a CONNECT request is sent to JWT filter configured wit ...
Continue Reading
May 30, 2022
 ## Int ...
Continue Reading
May 30, 2022
Back to Main
