Every CVE whose affected-product data names Alibaba Nacos, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2021-43116 — CVSS 8.8 (high): An Access Control vulnerability exists in Nacos 2.0.3 in the access prompt page; enter username and password, click on login to capture…
CVE-2021-29441 — CVSS 8.6 (high): Nacos is a platform designed for dynamic service discovery and configuration and service management. In Nacos before version 1.4.1, when…
CVE-2021-29442 — CVSS 8.6 (high): Nacos is a platform designed for dynamic service discovery and configuration and service management. In Nacos before version 1.4.1, the…
CVE-2021-44667 — CVSS 6.1 (medium): A Cross Site Scripting (XSS) vulnerability exists in Nacos 2.0.3 in auth/users via the (1) pageSize and (2) pageNo parameters.
CVE-2020-19676 — CVSS 5.3 (medium): Nacos 1.1.4 is affected by: Incorrect Access Control. An environment can be set up locally to get the service details interface. Then other…