Microcks: >> Microcks Security Vulnerabilities
In Microcks before 1.10.0, the POST /api/import and POST /api/export endpoints allow non-administrator access.
CVSS Score
9.8
EPSS Score
0.001
Published
2024-08-19
Microcks up to 1.17.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /jobs and /artifact/download. This vulnerability allows attackers to access network resources and sensitive information via a crafted GET request.
CVSS Score
9.8
EPSS Score
0.003
Published
2023-12-04