github.com/nats-io/.../server vulnerabilities

licenses detected

(Apache-2.0 OR MIT)
>=v0.5.1 <v0.5.2-0.20140425191158-2141cc738119; >=v0.5.2 <v0.5.3-0.20140508202536-4a522014f603; >=v0.5.4 <v0.5.5-0.20140731181439-c01c3e15d9f5; >=v0.5.6 <v0.5.7-0.20140911001801-509ed9f45cee; >=v0.6.0 <v0.6.1-0.20150616235619-48c5bdf4df4f; >=v0.6.2 <v0.6.3-0.20150808025114-cd9dfebcb255; >=v0.6.4 <v0.6.5-0.20150808051813-a09f4208fca6; >=v0.6.6 <v0.6.7-0.20150823215156-819355cd37fa; >=v0.6.8 <v0.6.9-0.20151004050932-48f4cbf9379e; >=v0.7.0 <v0.7.1-0.20151207060535-c1ebd4efd860; >=v0.7.2 <v0.7.3-0.20151210200618-d133e68338a7; >=v0.8.0 <v0.8.1-0.20160509205634-26caad27c107; >=v0.8.1 <v0.8.2-0.20160615181050-27ac524dafe4; >=v0.9.2 <v0.9.3-0.20160812202224-fc7d92a04a8d; >=v0.9.4 <v0.9.5-0.20160824201707-c7e699ac29b3; >=v0.9.6 <v0.9.7-0.20161221013723-a8dfaeae3d1c; >=v1.0.0 <v1.0.1-0.20170719002556-0e2882d741cd; >=v1.0.2 <v1.0.3-0.20170721094241-514572316435; >=v1.0.4 <v1.0.5-0.20171017145744-a2d2327975a4; >=v1.0.6 <v1.0.7-0.20180304213803-aeca31ce516b
Apache-2.0
>=v2.0.0-RC14.0.20190604014547-ed1901c79292 <v2.0.0-20250912134740-4a2d68f84af4; >=v2.0.1-0.20190607181227-7a7ea66e1f72 <v2.11.0-dev.0.20231219191342-154c72867e4e; >=v2.11.0-dev.0.20240102010427-e27f45d441be <v2.11.0-dev.0.20240104040758-ac74f781ddeb; >=v2.11.0-dev.0.20240111031832-67d41da49bb2 <v2.11.0-dev.0.20250331112438-406f83666cc5; >=v2.11.0-preview.1 <v2.11.4-0.20250620162622-e292fbcc2d61; >=v2.11.4 <v2.11.5; >=v2.11.4-0.20250626173346-d84738aae81b <v2.11.4-0.20250627094118-fd52bd228971; >=v2.11.4-0.20250630113915-197671590ff4 <v2.11.4-0.20250630121414-e71b2fc69aed; >=v2.11.4-0.20250630132538-0e455656b0bd <v2.11.4-0.20250701104841-af74f6172804; >=v2.11.4-0.20250701114610-47382b1ee49a <v2.11.4-0.20250703112351-45d2da188c67; >=v2.11.4-0.20250703114355-0ce3590cd423 <v2.11.4-0.20250703121157-7c14574ad46b; >=v2.11.4-0.20250704083852-834d29f6db04 <v2.11.4-0.20250708100820-1ff31982da90; >=v2.11.4-0.20250708120935-a39322a58dfc <v2.11.4-0.20250708133008-89c052223d3a; >=v2.11.4-0.20250708141651-c16cc5463e6a <v2.11.4-0.20250709103334-c9bb57b29e92; >=v2.11.4-0.20250709145438-3654a3600d45 <v2.11.4-0.20250710133920-d72665cc0d43; >=v2.11.4-0.20250711084722-699fa16087dd <v2.11.4-0.20250711091245-542376a3e978; >=v2.11.4-0.20250711140229-6932e7b964d1 <v2.11.4-0.20250714092427-ef9f763b7e57; >=v2.11.4-0.20250716144736-cdd07b1839fb <v2.11.4-0.20250718085913-726c209283cf; >=v2.11.4-0.20250718141753-3c1c9d2fd121 <v2.11.4-0.20250721090939-a6552bf2c65a; >=v2.11.4-0.20250723091510-b28417ad0716 <v2.11.4-0.20250725083321-52616d38775f; >=v2.11.4-0.20250731064139-5f6ce4746d14 <v2.11.4-0.20250731081726-27d720e422f8; >=v2.11.4-0.20250801160655-52756c3cbe81 <v2.11.4-0.20250804101407-a9a14108a213; >=v2.11.4-0.20250804114950-5ab8ac2a54c2 <v2.11.4-0.20250804120445-75828bde5a83; >=v2.11.4-0.20250807112911-4d4df7809070 <v2.11.4-0.20250808113631-0d02332f48d4; >=v2.11.7-RC.2 <v2.11.7-RC.3; >=v2.11.8-RC.1 <v2.11.9; >=v2.12.0-RC.2 <v2.12.0-RC.4; >=v2.12.0-RC.5 <v2.12.0-RC.6; >=v2.12.0-preview.1.0.20250811090658-833cc2aa9dee <v2.12.0-preview.1.0.20250813101109-ab70643af22d; >=v2.12.0-preview.1.0.20250815153721-06e97c08110e <v2.12.0-preview.1.0.20250815160256-fa76dd02b915; >=v2.12.0-preview.1.0.20250818092835-9d19193c00c2 <v2.12.0-preview.1.0.20250819132108-80a99bbd49d3; >=v2.12.0-preview.1.0.20250819173119-19a2f8b6c53a <v2.12.0-preview.1.0.20250820171125-149a096ccd32; >=v2.12.0-preview.1.0.20250822111547-3b44c889eef5 <v2.12.0-preview.1.0.20250826083602-a22c74cc5eed; >=v2.12.0-preview.1.0.20250826110217-bfb10cfaa839 <v2.12.0-preview.1.0.20250826140520-ed769414d872; >=v2.12.0-preview.1.0.20250826143915-4598607ba6a9 <v2.12.0-preview.1.0.20250826160927-8d70f438d1ea; >=v2.12.0-preview.1.0.20250828151117-67d3de8f41f3 <v2.12.0-preview.1.0.20250828155408-d42e76a9306f; >=v2.12.0-preview.1.0.20250829122640-ae172ead3feb <v2.12.0-preview.1.0.20250830094226-a7679bfd69b2; >=v2.12.0-preview.2.0.20250909082216-95075f7e9341 <v2.12.0-preview.2.0.20250909090709-7dbb9e57af7f; >=v2.12.0-preview.2.0.20250911151811-24262829cead <v2.12.0-preview.2.0.20250911185030-211ae1851290; >=v2.12.0-preview.2.0.20250912134324-318a87cf6435 <v2.12.0-preview.2.0.20250915155442-de96253c6945; >=v2.12.0-preview.2.0.20250917140522-c5fac168f328 <v2.12.0-preview.2.0.20250918132631-be5d8e116771; >=v2.12.1-0.20250922143101-61850322e876 <v2.12.1-0.20250923090655-a56078ee5acb; >=v2.12.1-0.20250923160900-22ea4916dc89
(Apache-2.0 OR BSD-3-Clause)
>=v2.0.0-20250912134740-4a2d68f84af4 <v2.0.1-0.20190607181227-7a7ea66e1f72; >=v2.11.0-dev.0.20231219191342-154c72867e4e <v2.11.0-dev.0.20240102010427-e27f45d441be; >=v2.11.0-dev.0.20240104040758-ac74f781ddeb <v2.11.0-dev.0.20240111031832-67d41da49bb2; >=v2.11.0-dev.0.20250331112438-406f83666cc5 <v2.11.0-preview.1; >=v2.11.4-0.20250620162622-e292fbcc2d61 <v2.11.4-0.20250626173346-d84738aae81b; >=v2.11.4-0.20250627094118-fd52bd228971 <v2.11.4-0.20250630113915-197671590ff4; >=v2.11.4-0.20250630121414-e71b2fc69aed <v2.11.4-0.20250630132538-0e455656b0bd; >=v2.11.4-0.20250701104841-af74f6172804 <v2.11.4-0.20250701114610-47382b1ee49a; >=v2.11.4-0.20250703112351-45d2da188c67 <v2.11.4-0.20250703114355-0ce3590cd423; >=v2.11.4-0.20250703121157-7c14574ad46b <v2.11.4-0.20250704083852-834d29f6db04; >=v2.11.4-0.20250708100820-1ff31982da90 <v2.11.4-0.20250708120935-a39322a58dfc; >=v2.11.4-0.20250708133008-89c052223d3a <v2.11.4-0.20250708141651-c16cc5463e6a; >=v2.11.4-0.20250709103334-c9bb57b29e92 <v2.11.4-0.20250709145438-3654a3600d45; >=v2.11.4-0.20250710133920-d72665cc0d43 <v2.11.4-0.20250711084722-699fa16087dd; >=v2.11.4-0.20250711091245-542376a3e978 <v2.11.4-0.20250711140229-6932e7b964d1; >=v2.11.4-0.20250714092427-ef9f763b7e57 <v2.11.4-0.20250716144736-cdd07b1839fb; >=v2.11.4-0.20250718085913-726c209283cf <v2.11.4-0.20250718141753-3c1c9d2fd121; >=v2.11.4-0.20250721090939-a6552bf2c65a <v2.11.4-0.20250723091510-b28417ad0716; >=v2.11.4-0.20250725083321-52616d38775f <v2.11.4-0.20250731064139-5f6ce4746d14; >=v2.11.4-0.20250731081726-27d720e422f8 <v2.11.4-0.20250801160655-52756c3cbe81; >=v2.11.4-0.20250804101407-a9a14108a213 <v2.11.4-0.20250804114950-5ab8ac2a54c2; >=v2.11.4-0.20250804120445-75828bde5a83 <v2.11.4-0.20250807112911-4d4df7809070; >=v2.11.4-0.20250808113631-0d02332f48d4 <v2.11.4; >=v2.11.5 <v2.11.7-RC.2; >=v2.11.7-RC.3 <v2.11.8-RC.1; >=v2.11.9 <v2.12.0-RC.2; >=v2.12.0-RC.4 <v2.12.0-RC.5; >=v2.12.0-RC.6 <v2.12.0-preview.1.0.20250811090658-833cc2aa9dee; >=v2.12.0-preview.1.0.20250813101109-ab70643af22d <v2.12.0-preview.1.0.20250815153721-06e97c08110e; >=v2.12.0-preview.1.0.20250815160256-fa76dd02b915 <v2.12.0-preview.1.0.20250818092835-9d19193c00c2; >=v2.12.0-preview.1.0.20250819132108-80a99bbd49d3 <v2.12.0-preview.1.0.20250819173119-19a2f8b6c53a; >=v2.12.0-preview.1.0.20250820171125-149a096ccd32 <v2.12.0-preview.1.0.20250822111547-3b44c889eef5; >=v2.12.0-preview.1.0.20250826083602-a22c74cc5eed <v2.12.0-preview.1.0.20250826110217-bfb10cfaa839; >=v2.12.0-preview.1.0.20250826140520-ed769414d872 <v2.12.0-preview.1.0.20250826143915-4598607ba6a9; >=v2.12.0-preview.1.0.20250826160927-8d70f438d1ea <v2.12.0-preview.1.0.20250828151117-67d3de8f41f3; >=v2.12.0-preview.1.0.20250828155408-d42e76a9306f <v2.12.0-preview.1.0.20250829122640-ae172ead3feb; >=v2.12.0-preview.1.0.20250830094226-a7679bfd69b2 <v2.12.0-preview.2.0.20250909082216-95075f7e9341; >=v2.12.0-preview.2.0.20250909090709-7dbb9e57af7f <v2.12.0-preview.2.0.20250911151811-24262829cead; >=v2.12.0-preview.2.0.20250911185030-211ae1851290 <v2.12.0-preview.2.0.20250912134324-318a87cf6435; >=v2.12.0-preview.2.0.20250915155442-de96253c6945 <v2.12.0-preview.2.0.20250917140522-c5fac168f328; >=v2.12.0-preview.2.0.20250918132631-be5d8e116771 <v2.12.1-0.20250922143101-61850322e876; >=v2.12.1-0.20250923090655-a56078ee5acb <v2.12.1-0.20250923160900-22ea4916dc89
Unknown

View server package health on Snyk Advisor (opens in a new tab)

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the github.com/nats-io/nats-server/v2/server package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
M Improper Authorization	>=2.2.0 <2.10.27>=2.11.0-RC.1 <2.11.1
M Improper Access Control	>=2.0.0 <2.8.2
L Inadequate Encryption Strength	<2.2.3
M Improper Authentication	>=2.2.0 <2.9.23>=2.10.0 <2.10.2
H Authentication Bypass by Primary Weakness	>=2.2.0 <2.9.23>=2.10.0 <2.10.2
M Directory Traversal	>=2.2.0 <2.8.0
M Stack-based Buffer Overflow	<2.9.3
M Denial of Service (DoS)	<2.9.3
H Arbitrary File Write via Archive Extraction (Zip Slip)	>=2.2.0 <2.7.4
H Access Control Bypass	>=2.7.0 <2.7.2
M Access Restriction Bypass	<2.2.0
H Denial of Service (DoS)	<2.2.0
M Improper Access Control	<2.1.9
H Denial of Service (DoS)	>=2.0.0 <2.1.9
M Improper Authentication	<2.1.9
H Denial of Service (DoS)	<2.0.2