CVE-2022-24450
HIGH8.8EPSS 0.65%Incorrect Authorization in NATS nats-server in github.com/nats-io/nats-server
Published: 2/8/2022Modified: 3/3/2026
Description
Incorrect Authorization in NATS nats-server in github.com/nats-io/nats-server
Affected packages (6)
- Bitnami/nats>= 2.0.0, < 2.7.2
- Go/github.com/nats-io/nats-serverfrom 0
- Go/github.com/nats-io/nats-server/v2>= 2.0.0, < 2.7.2
- Go/github.com/nats-io/nats-server/v2>= 2.0.0, < 2.7.2
- Go/github.com/nats-io/nats-streaming-server>= 0.15.0, < 0.24.1
- Go/github.com/nats-io/nats-streaming-server>= 0.15.0, < 0.24.1
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH8.8 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |