Case Study How Showpo Rebuilt Its API Layer for a Global Headless Migration

Products
Community Edition
Open Source API Gateway Free to use The high-performance open source API gateway, free to use and trusted by thousands of teams.
Enterprise Edition
API Gateway Enterprise-Grade with SLAs Production-grade gateway with security, governance, and 24/7 support backed by SLAs.
AI Gateway Same Gateway, Now for AI LLM routing, prompt guardrails, token budgets, and a built-in MCP server, all from one gateway.
It must be mentioned again how speedy KrakenD folks are to responding and how helpful it is. It feels like we're working with a team that works here in Paylocity
Dannie Walker
Senior Software Engineer, Paylocity
Compare Open Source VS Enterprise
Contact Sales Watch a demo
Solutions
E-Government
For Governments & Public Sector
Modernize citizen services with fully on-prem, air-gapped APIs, without compromising data sovereignty.
Open Banking
For Banks & Financial Institutions
Expose open banking APIs with strict governance, predictable performance, and zero loss of control.
E-Commerce
For Digital Commerce Platforms
Increase conversions and scale traffic safely with low-latency APIs built for revenue-critical workloads.
We began by creating a model with the community version to assess its capabilities. Once we confirmed that this tool met our needs, we opted for an enterprise license. Simply to benefit from tools that facilitate integration into our model and address specific requirements of our architecture in terms of security, data transformation, and authentication management.
Nicolas Gabetty
Senior Engineer, Coop Atlantique
More industries and real-world examples: Case studies
Contact Sales Watch a demo
Resources
Knowledge Hub
Training & Certification
Documentation
Support
Security Advisories
Developer Tools
Designer
Community Playground
Enterprise Playground
Company
About us
Blog
We began by creating a model with the community version to assess its capabilities. Once we confirmed that this tool met our needs, we opted for an enterprise license. Simply to benefit from tools that facilitate integration into our model and address specific requirements of our architecture in terms of security, data transformation, and authentication management.
Nicolas Gabetty
Senior Engineer, Coop Atlantique
Compare Open Source VS Enterprise
Contact Sales Watch a demo
Partners
Docs

Partners
Docs
Compare Open Source VS Enterprise
Contact Sales
Downloads
Flexibility, performance and robustness are defining KrakenD just to name a few, we were able to quickly and easily build a robust gateway for our systems and we keep enjoying it everyday.
Samy Lastmann
CTO / Smart Tribune

CVE-2025-58187 High · CVSS 7.5 Medium Impact

crypto/x509: Name Constraint Validation Denial of Service via Quadratic Complexity

Exploitable under specific conditions

This CVE can affect KrakenD under specific conditions. Review the affected versions below and upgrade if your deployment is exposed.

Affects deployments where KrakenD validates TLS certificates from backends or clients that include name constraint extensions. Any TLS connection involving such certificates can trigger the quadratic processing path.

Component

Go standard library (crypto/x509)

Disclosed

Oct 8, 2025

CVSS Score

7.5

Description

The name constraint checking algorithm in Go’s crypto/x509 package has non-linear processing time for certain certificate inputs. Programs that validate arbitrary certificate chains — including those performing TLS verification against backends — can be forced into excessive CPU consumption by a certificate with carefully crafted name constraints. Fixed in Go 1.24.8 and Go 1.25.2. A follow-up fix addressing TLS validation failures for FQDNs with a trailing dot was released in CE 2.11.2 and EE 2.11.3.

Version summary

Community Edition

2.11.1

addresses this CVE

Affected CE versions

>= 2.0, < 2.11.1

Enterprise Edition

2.11.2

addresses this CVE

Affected EE versions

>= 2.0, < 2.11.2

Upgrade to the addressed version or later to remediate this vulnerability.

References

View CVE-2025-58187 on NVD

Stay up to date with KrakenD releases and important updates