CVSS: 7.8EPSS: 94%CPEs: 444EXPL: 17CVE-2023-44487 – HTTP/2 Rapid Reset Attack Vulnerability
https://notcve.org/view.php?id=CVE-2023-44487
10 Oct 2023 — The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. El protocolo HTTP/2 permite una denegación de servicio (consumo de recursos del servidor) porque la cancelación de solicitudes puede restablecer muchas transmisiones rápidamente, como se explotó en la naturaleza entre agosto y octubre de 2023. A flaw was found in handling multiplexed streams in the HTTP/2 protocol. ... • https://github.com/imabee101/CVE-2023-44487 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 13%CPEs: 1EXPL: 0CVE-2022-29266 – apisix/jwt-auth may leak secrets in error response
https://notcve.org/view.php?id=CVE-2022-29266
20 Apr 2022 — In APache APISIX before 3.13.1, the jwt-auth plugin has a security issue that leaks the user's secret key because the error message returned from the dependency lua-resty-jwt contains sensitive information. En APache APISIX antes de la versión 3.13.1, el plugin jwt-auth tiene un problema de seguridad que filtra la clave secreta del usuario porque el mensaje de error devuelto por la dependencia lua-resty-jwt contiene información sensible • http://www.openwall.com/lists/oss-security/2022/04/20/1 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-25757 – Apache APISIX: the body_schema check in request-validation plugin can be bypassed
https://notcve.org/view.php?id=CVE-2022-25757
28 Mar 2022 — In Apache APISIX before 2.13.0, when decoding JSON with duplicate keys, lua-cjson will choose the last occurred value as the result. By passing a JSON with a duplicate key, the attacker can bypass the body_schema validation in the request-validation plugin. For example, `{"string_payload":"bad","string_payload":"good"}` can be used to hide the "bad" input. Systems satisfy three conditions below are affected by this attack: 1. use body_schema validation in the request-validation plugin 2. upstream applicatio... • http://www.openwall.com/lists/oss-security/2022/03/28/2 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 94%CPEs: 2EXPL: 15CVE-2022-24112 – Apache APISIX Authentication Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2022-24112
11 Feb 2022 — An attacker can abuse the batch-requests plugin to send requests to bypass the IP restriction of Admin API. A default configuration of Apache APISIX (with default API key) is vulnerable to remote code execution. When the admin key was changed or the port of Admin API was changed to a port different from the data panel, the impact is lower. But there is still a risk to bypass the IP restriction of Apache APISIX's data panel. There is a check in the batch-requests plugin which overrides the client IP with its... • https://packetstorm.news/files/id/166328 • CWE-290: Authentication Bypass by Spoofing •