Filtered by vendor Gatling
Subscribe
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-51308 | 1 Gatling | 1 Gatling | 2025-10-09 | N/A | 5.3 MEDIUM |
| In Gatling Enterprise versions below 1.25.0, a low-privileged user that does not hold the role "admin" could perform a REST API call on read-only endpoints, allowing him to collect some information, due to missing authorization checks. | |||||
| CVE-2025-51306 | 1 Gatling | 1 Gatling | 2025-10-09 | N/A | 6.5 MEDIUM |
| In Gatling Enterprise versions below 1.25.0, a user logging-out can still use his session token to continue using the application without expiration, due to incorrect session management. | |||||