Vulnerabilities (CVE)

Filtered by vendor Heroiclabs Subscribe
Filtered by product Nakama
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-2321 1 Heroiclabs 1 Nakama 2024-11-21 5.0 MEDIUM 9.8 CRITICAL
Improper Restriction of Excessive Authentication Attempts in GitHub repository heroiclabs/nakama prior to 3.13.0. This results in login brute-force attacks.
CVE-2022-2306 1 Heroiclabs 1 Nakama 2024-11-21 5.0 MEDIUM 7.5 HIGH
Old session tokens can be used to authenticate to the application and send authenticated requests.