Vulnerabilities (CVE)

Filtered by vendor Apache Subscribe
Filtered by product Servicecomb
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-44313 1 Apache 1 Servicecomb 2024-11-21 N/A 7.6 HIGH
Server-Side Request Forgery (SSRF) vulnerability in Apache ServiceComb Service-Center. Attackers can obtain sensitive server information through specially crafted requests.This issue affects Apache ServiceComb before 2.1.0(include). Users are recommended to upgrade to version 2.2.0, which fixes the issue.
CVE-2023-44312 1 Apache 1 Servicecomb 2024-11-21 N/A 5.8 MEDIUM
Exposure of Sensitive Information to an Unauthorized Actor in Apache ServiceComb Service-Center.This issue affects Apache ServiceComb Service-Center before 2.1.0 (include). Users are recommended to upgrade to version 2.2.0, which fixes the issue.
CVE-2021-21501 1 Apache 1 Servicecomb 2024-11-21 5.0 MEDIUM 7.5 HIGH
Improper configuration will cause ServiceComb ServiceCenter Directory Traversal problem in ServcieCenter 1.x.x versions and fixed in 2.0.0.