Apache Servicecomb vulnerabilities
3 known vulnerabilities affecting apache/servicecomb.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH3
Vulnerabilities
Page 1 of 1
CVE-2023-44313HIGHCVSS 7.5fixed in 2.2.02024-01-31
CVE-2023-44313 [HIGH] CWE-918 CVE-2023-44313: Server-Side Request Forgery (SSRF) vulnerability in Apache ServiceComb Service-Center. Attackers can
Server-Side Request Forgery (SSRF) vulnerability in Apache ServiceComb Service-Center. Attackers can obtain sensitive server information through specially crafted requests.This issue affects Apache ServiceComb before 2.1.0(include).
Users are recommended to upgrade to version 2.2.0, which fixes the issue.
nvd
CVE-2023-44312HIGHCVSS 7.5fixed in 2.2.02024-01-31
CVE-2023-44312 [MEDIUM] CWE-200 CVE-2023-44312: Exposure of Sensitive Information to an Unauthorized Actor in Apache ServiceComb Service-Center.This
Exposure of Sensitive Information to an Unauthorized Actor in Apache ServiceComb Service-Center.This issue affects
Apache ServiceComb Service-Center
before 2.1.0 (include).
Users are recommended to upgrade to version 2.2.0, which fixes the issue.
nvd
CVE-2021-21501HIGHCVSS 7.5≥ 1.0.0, < 2.0.02021-08-10
CVE-2021-21501 [HIGH] CWE-22 CVE-2021-21501: Improper configuration will cause ServiceComb ServiceCenter Directory Traversal problem in ServcieCe
Improper configuration will cause ServiceComb ServiceCenter Directory Traversal problem in ServcieCenter 1.x.x versions and fixed in 2.0.0.
nvd