Filtered by vendor Microcks Subscriptions
Filtered by product Microcks Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-48910 1 Microcks 1 Microcks 2024-11-21 9.8 Critical
Microcks up to 1.17.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /jobs and /artifact/download. This vulnerability allows attackers to access network resources and sensitive information via a crafted GET request.
CVE-2024-44076 1 Microcks 1 Microcks 2024-08-21 9.8 Critical
In Microcks before 1.10.0, the POST /api/import and POST /api/export endpoints allow non-administrator access.