Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3
CVE-2024-9671
- EPSS 0.09%
- Veröffentlicht 09.10.2024 15:15:17
- Zuletzt bearbeitet 04.12.2024 08:15:07
A vulnerability was found in 3Scale. There is no auth mechanism to see a PDF invoice of a Developer user if the URL is known. Anyone can see the invoice if the URL is known or guessed.
7.5
CVE-2023-44487
- EPSS 94.44%
- Veröffentlicht 10.10.2023 14:15:10
- Zuletzt bearbeitet 11.06.2025 17:29:54
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
9.8
CVE-2017-7512
- EPSS 0.5%
- Veröffentlicht 07.07.2017 22:29:00
- Zuletzt bearbeitet 20.04.2025 01:37:25
Red Hat 3scale (aka RH-3scale) API Management Platform (AMP) before 2.0.0 would permit creation of an access token without a client secret. An attacker could use this flaw to circumvent authentication controls and gain access to restricted APIs. NOTE...
1