github.com/nats-io/nats-server/v2 vulnerabilities
27 known vulnerabilities affecting github.com/nats-io/nats-server/v2.
Total CVEs: 27
CISA KEV: 0
Public exploits: 0
Exploited in the wild: 0
Severity breakdown: CRITICAL 2, HIGH 15, MEDIUM 8, LOW 1, UNKNOWN 1
Vulnerabilities
CVE-2022-26652 [MEDIUM] CWE-22: Arbitrary file write in nats-server
CVSS 6.5 | affected versions ≥ 2.2.0, < 2.7.4 | 2022-03-10
(This document is canonically: )
## Background
NATS.io is a high performance open source pub-sub distributed communication technology, built for the cloud, on-premise, IoT, and edge computing.
JetStream is the optional RAFT-based resilient persistent feature of NATS.
## Problem Description
The JetStream streams can be backed up and restored via NATS. The backup format is a tar archive fi
CVE-2020-28466 [HIGH] CWE-400: Denial of service in github.com/nats-io/nats-server/server
affected versions ≥ 0, < 2.2.0 | 2022-02-15
This affects all versions of package github.com/nats-io/nats-server/server. Untrusted accounts are able to crash the server using configs that represent service export/import cycles. Disclaimer from the maintainers - Running a NATS service which is exposed to untrusted users presents a heightened risk. Any remote execution flaw or equivalent serio
CVE-2022-24450 [HIGH] CWE-863: Incorrect Authorization in NATS nats-server
CVSS 8.8 | affected versions ≥ 2.0.0, < 2.7.2 | 2022-02-08
(This advisory is canonically )
## Problem Description
NATS nats-server through 2022-02-04 has Incorrect Access Control, with unchecked ability for clients to authorize into any account, because of a coding error in a long-extant experimental feature.
A client crafting the initial protocol-level handshake could, with valid credentials for any account, specify a target account
CVE-2020-26892 [CRITICAL] CWE-284: Incorrect handling of credential expiry by /nats-io/nats-server
CVSS 9.8 | affected versions ≥ 0, < 2.1.9 | 2021-05-21
(This advisory is canonically https://advisories.nats.io/CVE/CVE-2020-26892.txt )
## Problem Description
NATS nats-server through 2020-10-07 has Incorrect Access Control because of how expired credentials are handled.
The NATS accounts system has expiration timestamps on credentials; the library had an API which encouraged misuse an
CVE-2020-26521 [HIGH] Nil dereference in NATS JWT causing DoS of nats-server
CVSS 7.5 | affected versions ≥ 0, < 2.1.9 | 2021-05-21
(This advisory is canonically )
## Problem Description
The NATS account system has an Operator trusted by the servers, which signs Accounts, and each Account can then create and sign Users within their account. The Operator should be able to safely issue Accounts to other entities which it does not fully trust.
A malicious Account could create and sign a User JW
CVE-2021-3127 [HIGH] github.com/nats-io/nats-server Import token permissions checking not enforced
CVSS 7.5 | affected versions ≥ 0, < 2.2.0 | 2021-05-21
(This advisory is canonically )
## Problem Description
The NATS server provides for Subjects which are namespaced by Account; all Subjects are supposed to be private to an account, with an Export/Import system used to grant cross-account access to some Subjects. Some Exports are public, such that anyone can import the
CVE-2019-13126 [HIGH] CWE-190: Integer Overflow or Wraparound in NATS Server
affected versions ≥ 0, < 2.2.0 | 2021-05-18
An integer overflow in NATS Server before 2.2.0 allows a remote attacker to crash the server by sending a crafted request.
### Specific Go Packages Affected
github.com/nats-io/nats-server/v2/server