Linuxfoundation: >> Nats-Server >> 0.5.4 Security Vulnerabilities
The JWT library in NATS nats-server before 2.1.9 allows a denial of service (a nil dereference in Go code).
CVSS Score
7.5
EPSS Score
0.007
Published
2020-11-06
The JWT library in NATS nats-server before 2.1.9 has Incorrect Access Control because of how expired credentials are handled.
CVSS Score
9.8
EPSS Score
0.006
Published
2020-11-06