CVE-2025-1293 HashiCorp Hermes Improperly Validates AWS ALB JWTs, which May Lead to Authentication Bypass

Main / CVE-2025-1293 HashiCorp Hermes Improperly Validates AWS ALB JWTs, which May Lead to Authentication Bypass

Discription

Hermes versions up to 0.4.0 improperly validated the JWT provided when using the AWS ALB authentication mode, potentially allowing for authentication bypass. This vulnerability, CVE-2025-1293, was fixed in Hermes…Read More

References

Back to Main

Subscribe for the latest news: