Approved changes feed: RSS · Atom
cpe:2.3:a:n/a:apicast:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | N/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78) |
|---|---|
| Product | Apicast (3724ba66-d605-5843-a071-7671af126f3e) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-0456 |
not_vulnerable | 2026-06-08 05:52:04.980548 |
Apicast proxies the api call with incorrect jwt token to the api backend without proper authorization check
HIGH (7.4)
A flaw was found in APICast, when 3Scale's OIDC module does not properly evaluate the response to a mismatched token from a separate realm. This could allow a separate realm to be accessible to an attacker, permitting access to unauthorized information.
Published: 2023-09-27T13:39:37.294Z
Updated: 2024-09-24T14:12:37.141Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-3523 |
vulnerable | 2026-06-08 05:33:52.710538 |
Details available
A flaw was found in 3Scale APICast in versions prior to 2.11.0, where it incorrectly identified connections for reuse. This flaw allows an attacker to bypass security restrictions for an API request when hosting multiple APIs on the same IP address.
Published: 2022-04-27T20:58:08.000Z
Updated: 2024-08-03T17:01:07.705Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-14852 |
vulnerable | 2026-06-08 05:12:56.268960 |
Details available
A flaw was found in 3scale’s APIcast gateway that enabled the TLS 1.0 protocol. An attacker could target traffic using this weaker protocol and break its encryption, gaining access to unauthorized information. Version shipped in Red Hat 3scale API Management Platform is vulnerable to this issue.
Published: 2021-03-18T19:07:37.000Z
Updated: 2024-08-05T00:26:39.132Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.