Approved changes feed: RSS · Atom

cpe:2.3:a:akana:akana_api_platform:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorAkana (3b4996f5-e213-53ff-86eb-2733802a4243)
ProductAkana Api Platform (cc405749-24f0-553c-9500-30af997205c3)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2024-5250 vulnerable 2026-06-08 06:56:15.326956 Overly Verbose Errors in SAML Integration
LOW (3.5)
In versions of Akana API Platform prior to 2024.1.0 overly verbose errors can be found in SAML integrations
Published: 2024-07-30T18:29:11.375Z
Updated: 2024-08-01T21:03:11.081Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-5249 vulnerable 2026-06-08 06:56:15.325659 SAML Replay in Akana
MEDIUM (5.4)
In versions of Akana API Platform prior to 2024.1.0, SAML tokens can be replayed.
Published: 2024-07-30T18:23:29.074Z
Updated: 2025-01-09T19:23:49.112Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-3930 vulnerable 2026-06-08 06:43:51.900724 XML External Entity in Akana
MEDIUM (6.3)
In versions of Akana API Platform prior to 2024.1.0 a flaw resulting in XML External Entity (XXE) was discovered.
Published: 2024-07-30T18:36:18.443Z
Updated: 2024-09-09T20:31:37.770Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-3826 vulnerable 2026-06-08 06:43:51.625716 Broken SAML Validation
In versions of Akana in versions prior to and including 2022.1.3 validation is broken when using the SAML Single Sign-On (SSO) functionality.
Published: 2024-07-02T15:49:09.391Z
Updated: 2024-08-14T14:14:05.527Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-2796 vulnerable 2026-06-08 06:35:27.373226 SSRF in Akana API Platform
CRITICAL (9.3)
A server-side request forgery (SSRF) was discovered in the Akana API Platform in versions prior to and including 2022.1.3. Reported by Jakob Antonsson.
Published: 2024-04-18T15:04:56.099Z
Updated: 2024-09-17T16:00:42.155Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.