Homepage

github.com/nats-io/.../server vulnerabilities

  • licenses detected

    • (Apache-2.0 OR MIT)
      >=v0.5.1 <v0.5.2-0.20140425191158-2141cc738119; >=v0.5.2 <v0.5.3-0.20140508202536-4a522014f603; >=v0.5.4 <v0.5.5-0.20140731181439-c01c3e15d9f5; >=v0.5.6 <v0.5.7-0.20140911001801-509ed9f45cee; >=v0.6.0 <v0.6.1-0.20150616235619-48c5bdf4df4f; >=v0.6.2 <v0.6.3-0.20150808025114-cd9dfebcb255; >=v0.6.4 <v0.6.5-0.20150808051813-a09f4208fca6; >=v0.6.6 <v0.6.7-0.20150823215156-819355cd37fa; >=v0.6.8 <v0.6.9-0.20151004050932-48f4cbf9379e; >=v0.7.0 <v0.7.1-0.20151207060535-c1ebd4efd860; >=v0.7.2 <v0.7.3-0.20151210200618-d133e68338a7; >=v0.8.0 <v0.8.1-0.20160509205634-26caad27c107; >=v0.8.1 <v0.8.2-0.20160615181050-27ac524dafe4; >=v0.9.2 <v0.9.3-0.20160812202224-fc7d92a04a8d; >=v0.9.4 <v0.9.5-0.20160824201707-c7e699ac29b3; >=v0.9.6 <v0.9.7-0.20161221013723-a8dfaeae3d1c; >=v1.0.0 <v1.0.1-0.20170719002556-0e2882d741cd; >=v1.0.2 <v1.0.3-0.20170721094241-514572316435; >=v1.0.4 <v1.0.5-0.20171017145744-a2d2327975a4; >=v1.0.6 <v1.0.7-0.20180304213803-aeca31ce516b
    • Apache-2.0
      >=v2.0.0-RC14.0.20190604014547-ed1901c79292 <v2.11.0-dev.0.20231219191342-154c72867e4e; >=v2.11.0-dev.0.20240102010427-e27f45d441be <v2.11.0-dev.0.20240104040758-ac74f781ddeb; >=v2.11.0-dev.0.20240111031832-67d41da49bb2 <v2.11.0-dev.0.20250331112438-406f83666cc5; >=v2.11.0-preview.1 <v2.11.4-0.20250620162622-e292fbcc2d61; >=v2.11.4-0.20250626173346-d84738aae81b <v2.11.4-0.20250627094118-fd52bd228971; >=v2.11.4-0.20250630113915-197671590ff4 <v2.11.4-0.20250630121414-e71b2fc69aed; >=v2.11.4-0.20250630132538-0e455656b0bd <v2.11.4-0.20250701104841-af74f6172804; >=v2.11.4-0.20250701114610-47382b1ee49a <v2.11.4-0.20250703112351-45d2da188c67; >=v2.11.4-0.20250703114355-0ce3590cd423 <v2.11.4-0.20250703121157-7c14574ad46b; >=v2.11.4-0.20250704083852-834d29f6db04 <v2.11.4-0.20250708100820-1ff31982da90; >=v2.11.4-0.20250708120935-a39322a58dfc <v2.11.4-0.20250708133008-89c052223d3a; >=v2.11.4-0.20250708141651-c16cc5463e6a <v2.11.4-0.20250709103334-c9bb57b29e92; >=v2.11.4-0.20250709145438-3654a3600d45 <v2.11.4-0.20250710133920-d72665cc0d43; >=v2.11.4-0.20250711084722-699fa16087dd <v2.11.5
    • (Apache-2.0 OR BSD-3-Clause)
      >=v2.11.0-dev.0.20231219191342-154c72867e4e <v2.11.0-dev.0.20240102010427-e27f45d441be; >=v2.11.0-dev.0.20240104040758-ac74f781ddeb <v2.11.0-dev.0.20240111031832-67d41da49bb2; >=v2.11.0-dev.0.20250331112438-406f83666cc5 <v2.11.0-preview.1; >=v2.11.4-0.20250620162622-e292fbcc2d61 <v2.11.4-0.20250626173346-d84738aae81b; >=v2.11.4-0.20250627094118-fd52bd228971 <v2.11.4-0.20250630113915-197671590ff4; >=v2.11.4-0.20250630121414-e71b2fc69aed <v2.11.4-0.20250630132538-0e455656b0bd; >=v2.11.4-0.20250701104841-af74f6172804 <v2.11.4-0.20250701114610-47382b1ee49a; >=v2.11.4-0.20250703112351-45d2da188c67 <v2.11.4-0.20250703114355-0ce3590cd423; >=v2.11.4-0.20250703121157-7c14574ad46b <v2.11.4-0.20250704083852-834d29f6db04; >=v2.11.4-0.20250708100820-1ff31982da90 <v2.11.4-0.20250708120935-a39322a58dfc; >=v2.11.4-0.20250708133008-89c052223d3a <v2.11.4-0.20250708141651-c16cc5463e6a; >=v2.11.4-0.20250709103334-c9bb57b29e92 <v2.11.4-0.20250709145438-3654a3600d45; >=v2.11.4-0.20250710133920-d72665cc0d43 <v2.11.4-0.20250711084722-699fa16087dd; >=v2.11.5
    • Unknown
  • View server package health on Snyk Advisor  (opens in a new tab)
    • Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the github.com/nats-io/nats-server/v2/server package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • M
    Improper Authorization

    >=2.2.0 <2.10.27>=2.11.0-RC.1 <2.11.1
    • M
    Improper Access Control

    >=2.0.0 <2.8.2
    • L
    Inadequate Encryption Strength

    <2.2.3
    • M
    Improper Authentication

    >=2.2.0 <2.9.23>=2.10.0 <2.10.2
    • H
    Authentication Bypass by Primary Weakness

    >=2.2.0 <2.9.23>=2.10.0 <2.10.2
    • M
    Directory Traversal

    >=2.2.0 <2.8.0
    • M
    Stack-based Buffer Overflow

    <2.9.3
    • M
    Denial of Service (DoS)

    <2.9.3
    • H
    Arbitrary File Write via Archive Extraction (Zip Slip)

    >=2.2.0 <2.7.4
    • H
    Access Control Bypass

    >=2.7.0 <2.7.2
    • M
    Access Restriction Bypass

    <2.2.0
    • H
    Denial of Service (DoS)

    <2.2.0
    • M
    Improper Access Control

    <2.1.9
    • H
    Denial of Service (DoS)

    >=2.0.0 <2.1.9
    • M
    Improper Authentication

    <2.1.9
    • H
    Denial of Service (DoS)

    <2.0.2