CVE-2021-32026

描述

NATS server TLS missing ciphersuite settings when CLI flags used in github.com/nats-io/nats-server

受影響套件(3)

• Go/github.com/nats-io/nats-serverfrom 0
• Go/github.com/nats-io/nats-server/v2from 0, < 2.2.3
• Go/github.com/nats-io/nats-server/v2from 0, < 2.2.3

參考連結(5)

• PATCHhttps://github.com/nats-io/nats-server
• WEBhttps://advisories.nats.io
• WEBhttps://advisories.nats.io/CVE/CVE-2021-32026.txt
• WEBhttps://github.com/nats-io/nats-server/commit/ffccc2e1bd7aa2466bd9e631e976bfd7ca46f225
• WEBhttps://github.com/nats-io/nats-server/security/advisories/GHSA-jj54-5q2m-q7pj