CVSS: 7.5EPSS: 81%CPEs: 444EXPL: 7CVE-2023-44487 – HTTP/2 Rapid Reset Attack Vulnerability
https://notcve.org/view.php?id=CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. El protocolo HTTP/2 permite una denegación de servicio (consumo de recursos del servidor) porque la cancelación de solicitudes puede restablecer muchas transmisiones rápidamente, como se explotó en la naturaleza entre agosto y octubre de 2023. A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. • https://github.com/imabee101/CVE-2023-44487 https://github.com/studiogangster/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/sigridou/CVE-2023-44487- https://github.com/ByteHackr/CVE-2023-44487 https://github.com/ReToCode/golang-CVE-2023-44487 http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www. • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 1CVE-2023-2418 – Konga Login API random values
https://notcve.org/view.php?id=CVE-2023-2418
A vulnerability was found in Konga 2.8.3 on Kong. It has been classified as problematic. This affects an unknown part of the component Login API. The manipulation leads to insufficiently random values. The complexity of an attack is rather high. • https://github.com/advisories/GHSA-9g4c-xm3g-f8hq https://vuldb.com/?ctiid.227715 https://vuldb.com/?id.227715 https://www.cnblogs.com/andao/p/17330864.html • CWE-330: Use of Insufficiently Random Values •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-27306
https://notcve.org/view.php?id=CVE-2021-27306
An improper access control vulnerability in the JWT plugin in Kong Gateway prior to 2.3.2.0 allows unauthenticated users access to authenticated routes without a valid token JWT. Una vulnerabilidad de control de acceso inapropiado en el plugin JWT en Kong Gateway versiones anteriores a 2.3.0.0, permite a usuarios no autenticados acceder a rutas autenticadas sin un token JWT válido • https://docs.konghq.com/enterprise/changelog/#core-1 https://medium.com/%40sew.campos/cve-2021-27306-access-an-authenticated-route-on-kong-api-gateway-6ae3d81968a3 • CWE-706: Use of Incorrectly-Resolved Name or Reference •
CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 0CVE-2020-11710
https://notcve.org/view.php?id=CVE-2020-11710
An issue was discovered in docker-kong (for Kong) through 2.0.3. The admin API port may be accessible on interfaces other than 127.0.0.1. NOTE: The vendor argue that this CVE is not a vulnerability because it has an inaccurate bug scope and patch links. β1) Inaccurate Bug Scope - The issue scope was on Kong's docker-compose template, and not Kong's docker image itself. In reality, this issue is not associated with any version of the Kong gateway. As such, the description stating βAn issue was discovered in docker-kong (for Kong) through 2.0.3.β is incorrect. • https://github.com/Kong/docker-kong/commit/dfa095cadf7e8309155be51982d8720daf32e31c https://github.com/Kong/docs.konghq.com/commit/d693827c32144943a2f45abc017c1321b33ff611 https://github.com/Kong/docs.konghq.com/commit/e99cf875d875dd84fdb751079ac37882c9972949 https://github.com/Kong/kong •