1 results (0.017 seconds)

CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0

An issue was discovered in docker-kong (for Kong) through 2.0.3. The admin API port may be accessible on interfaces other than 127.0.0.1. NOTE: The vendor argue that this CVE is not a vulnerability because it has an inaccurate bug scope and patch links. β€œ1) Inaccurate Bug Scope - The issue scope was on Kong's docker-compose template, and not Kong's docker image itself. In reality, this issue is not associated with any version of the Kong gateway. As such, the description stating β€˜An issue was discovered in docker-kong (for Kong) through 2.0.3.’ is incorrect. • https://github.com/Kong/docker-kong/commit/dfa095cadf7e8309155be51982d8720daf32e31c https://github.com/Kong/docs.konghq.com/commit/d693827c32144943a2f45abc017c1321b33ff611 https://github.com/Kong/docs.konghq.com/commit/e99cf875d875dd84fdb751079ac37882c9972949 https://github.com/Kong/kong •