CVE-2022-1561 – Lura and KrakenD-CE versions older than v2.0.2 and KrakenD-EE versions older than v2.0.0 d …

1 August 2022

Vuln ID: CVE-2022-1561

Published: 2022-08-01 13:15:09Z

Description: Lura and KrakenD-CE versions older than v2.0.2 and KrakenD-EE versions older than v2.0.0 do not sanitize URL parameters correctly, allowing a malicious user to alter the backend URL defined for a pipe when remote users send crafty URL requests. The vulnerability does not affect KrakenD itself, but the consumed backend might be vulnerable.

Source: NVD.NIST.GOV

Date:

1 August 2022

Categorie(s):

NVD

Tag(s):

NVD

Attackers are pummeling networks around the world with millions of login attempts16 April 2024
UnitedHealth investigating reported leak of data from its Change Healthcare unit16 April 2024
Anthropic’s latest version of Claude comes to Amazon Bedrock16 April 2024
Omni Hotels & Resorts Hack: Attackers have Stolen Customer Information16 April 2024
RansomHub says Change Healthcare data now up for sale16 April 2024