News KrakenD Enterprise v2.3: Easing Your API Journey

Category: Security

KrakenD becomes a CNA (CVE Numbering Authority)

by Albert Lombarte

Oct 25, 2022

1 min read

The Spanish National Cybersecurity Institute (INCIBE) announces today the addition of KrakenD as a CNA (CVE Numbering Authority). KrakenD assumes as its own, from this date, the best practices of this program. KrakenD is now authorized by the CVE Program to assign CVE identifiers within its scope …

Continue reading →

CVE-2022-1561: Crafted backend urls

by Daniel López

Jun 21, 2022

1 min read

There is a new vulnerability in the Lura Project software (which is the KrakenD’s engine). We have immediately corrected the problem in the subsequent release after its report. Please upgrade to the latest version.

Continue reading →

KrakenD unnaffected by Log4j

by Albert Lombarte

Jan 6, 2022

2 min read

The year 2021 ended with terrible news for Java developers who saw how the Log4J vulnerabilities exposed their systems. KrakenD is a Go application and not a Java application. Therefore, it is not affected by this vulnerability in any way. As a result, we didn’t want to add more noise to the chain …

Continue reading →

 Stay up to date with KrakenD releases and important updates

We use cookies to understand how you use our site and to improve your overall experience. By continuing to use our site, you accept our Privacy Policy. More information