A flaw was found in Apache ShenYu Admin. The incorrect use of JWT in ShenyuAdminBootstrap allows an attacker to bypass authentication. This issue affected Apache ShenYu 2.3.0 and...Read More ...
Continue Reading
May 23, 2025
In Cloudera Data Engineering (CDE) 1.3.0, JWT authentication tokens are exposed to administrators in virtual cluster server...Read More ...
Continue Reading
May 23, 2025
Actors can use a maliciously crafted JavaScript object notation (JSON) web token (JWT) to perform privilege escalation by submitting the malicious JWT to a vulnerable method exposed on the cloud platf ...
Continue Reading
May 23, 2025
JWT is a library to work with JSON Web Token and JSON Web Signature. Prior to versions 3.4.6, 4.0.4, and 4.1.5, users of HMAC-based algorithms (HS256, HS384, and HS512) combined with LcobucciJWTSigner ...
Continue Reading
May 23, 2025
JWT is a library to work with JSON Web Token and JSON Web Signature. Prior to versions 3.4.6, 4.0.4, and 4.1.5, users of HMAC-based algorithms (HS256, HS384, and HS512) combined with LcobucciJWTSigner ...
Continue Reading
May 23, 2025
Grassroot Platform is an application to make it faster, cheaper and easier to persistently organize and mobilize people in low-income communities. Grassroot Platform before master deployment as of 202 ...
Continue Reading
May 23, 2025
Directory traversal with remote code execution can occur in /upload in ONLYOFFICE Document Server before 5.6.3, when JWT is used, via a /.. sequence in an image upload...Read More ...
Continue Reading
May 23, 2025
Common is a package of common modules that can be accessed by NIMBLE services. Common before commit number 3b96cb0293d3443b870351945f41d7d55cb34b53 did not properly verify the signature of JSON Web To ...
Continue Reading
May 23, 2025
Back to Main
