com.alibaba.nacos:nacos-config@0.5.0 vulnerabilities
-
latest version
0.8.0
-
first published
6 years ago
-
latest version published
5 years ago
-
licenses detected
- [0.4.0,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the com.alibaba.nacos:nacos-config package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
Affected versions of this package are vulnerable to Improper Authentication. When nacos is deployed in the default configuration, the administrator dashboard can be accessed without authentication. This can be leveraged to execute arbitrary SQL queries, which leads to the disclosure of sensitive information. How to fix Improper Authentication? A fix was pushed into the |
[0,)
|