Linuxfoundation Zowe_api_mediation_layer
3 CVEs affecting Linuxfoundation Zowe_api_mediation_layer. Latest disclosed: 2024-10-10. Critical: 1, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-9798 | Critical | 9.0 | 2024-10-10 | The health endpoint is public so everybody can see a list of all services. It is potentially valuable information for attackers. |
CVE-2024-9802 | Medium | 5.3 | 2024-10-10 | The conformance validation endpoint is public so everybody can verify the conformance of onboarded services. The response could contain specific information ab… |
CVE-2021-4314 | Medium | 5.3 | 2023-01-18 | It is possible to manipulate the JWT token without the knowledge of the JWT secret and authenticate without valid JWT token as any user. This is happening only… |