Linuxfoundation

Nats-server

27 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.53%
  • Veröffentlicht 08.07.2026 20:17:39
  • Zuletzt bearbeitet 09.07.2026 19:08:52

NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.3 and 2.12.12, a WebSocket listener could route requests for the MQTT-over-WebSocket path into MQTT handling even when MQTT was not config...

  • EPSS 0.31%
  • Veröffentlicht 08.07.2026 20:16:25
  • Zuletzt bearbeitet 09.07.2026 19:00:21

NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.3 and 2.12.12, a client could be registered as the configured no_auth_user through a parser path used when the first client operation was ...

  • EPSS 0.55%
  • Veröffentlicht 08.07.2026 20:15:31
  • Zuletzt bearbeitet 09.07.2026 19:13:49

NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.3 and 2.12.12, a client able to send account-scoped connection monitoring requests could crash the server by supplying Connz pagination Of...

  • EPSS 0.23%
  • Veröffentlicht 25.03.2026 20:21:30
  • Zuletzt bearbeitet 26.03.2026 16:20:55

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Starting in version 2.11.0 and prior to versions 2.11.15 and 2.12.6, a valid client which uses message tracing headers can indicate that the trace message...

  • EPSS 0.21%
  • Veröffentlicht 25.03.2026 20:20:00
  • Zuletzt bearbeitet 26.03.2026 17:18:04

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, the NATS message header `Nats-Request-Info:` is supposed to be a guarantee of identity by the NATS server, but the s...

  • EPSS 0.14%
  • Veröffentlicht 25.03.2026 20:18:28
  • Zuletzt bearbeitet 26.03.2026 16:22:06

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, when using mTLS for client identity, with `verify_and_map` to derive a NATS identity from the client certificate's S...

  • EPSS 0.41%
  • Veröffentlicht 25.03.2026 20:16:33
  • Zuletzt bearbeitet 30.06.2026 03:18:39

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, if a nats-server is run with static credentials for all clients provided via argv (the command-line), then those cre...

  • EPSS 0.31%
  • Veröffentlicht 25.03.2026 20:10:51
  • Zuletzt bearbeitet 26.03.2026 17:17:38

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, users with JetStream admin API access to restore one stream could restore to other stream names, impacting data whic...

  • EPSS 0.53%
  • Veröffentlicht 25.03.2026 19:55:28
  • Zuletzt bearbeitet 30.06.2026 03:18:38

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, a malicious client which can connect to the WebSockets port can cause unbounded memory use in the nats-server before...

  • EPSS 0.62%
  • Veröffentlicht 25.03.2026 19:53:12
  • Zuletzt bearbeitet 30.06.2026 03:18:38

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, a client which can connect to the leafnode port can crash the nats-server with a certain malformed message pre-authe...