2 matches found
CVE-2025-52661
HCL AION version 2 is affected by a JWT Token Expiry Too Long vulnerability. This may increase the risk of token misuse, potentially resulting in unauthorized access if the token is compromised...
GHSA-3P3G-VPW6-4W66 Authentication Bypass in hydra
Impact When using client authentication method "privatekeyjwt" 1, OpenId specification says the following about assertion jti: A unique identifier for the token, which can be used to prevent reuse of the token. These tokens MUST only be used once, unless conditions for reuse were negotiated betwe...