Lucene search
K

7 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-4584

Malicious code in bioql PyPI...

8.2CVSS6.3AI score0.00321EPSS
Exploits0References4
Veracode
Veracode
added 2025/02/25 7:22 a.m.6 views

Authentication Bypass

github.com/hashicorp-forge/hermes is vulnerable to Authentication Bypass. The vulnerability is due to improper validation of JWT when using the AWS ALB authentication mode, potentially allowing an authentication bypass attack...

8.2CVSS7.4AI score0.00321EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVE
added 2025/02/22 1:23 a.m.9 views

CVE-2025-1293

Hermes versions up to 0.4.0 improperly validated the JWT provided when using the AWS ALB authentication mode, potentially allowing for authentication bypass. This vulnerability, CVE-2025-1293, was fixed in Hermes 0.5.0...

8.2CVSS7AI score0.00321EPSS
Exploits0References1
OSV
OSV
added 2025/02/20 3:32 a.m.6 views

GHSA-VXM9-8MFW-VC6G Hermes improperly validates a JWT

Hermes versions up to 0.4.0 improperly validated the JWT provided when using the AWS ALB authentication mode, potentially allowing for authentication bypass. This vulnerability, CVE-2025-1293, was fixed in Hermes 0.5.0...

8.2CVSS7AI score0.00321EPSS
Exploits0References4
NVD
NVD
added 2025/02/20 1:15 a.m.10 views

CVE-2025-1293

Hermes versions up to 0.4.0 improperly validated the JWT provided when using the AWS ALB authentication mode, potentially allowing for authentication bypass. This vulnerability, CVE-2025-1293, was fixed in Hermes 0.5.0...

8.2CVSS0.00321EPSS
Exploits0References1
OSV
OSV
added 2025/02/20 1:15 a.m.4 views

CVE-2025-1293

Hermes versions up to 0.4.0 improperly validated the JWT provided when using the AWS ALB authentication mode, potentially allowing for authentication bypass. This vulnerability, CVE-2025-1293, was fixed in Hermes 0.5.0...

8.2CVSS6.8AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/02/20 12:28 a.m.9 views

CVE-2025-1293 HashiCorp Hermes Improperly Validates AWS ALB JWTs, which May Lead to Authentication Bypass

Hermes versions up to 0.4.0 improperly validated the JWT provided when using the AWS ALB authentication mode, potentially allowing for authentication bypass. This vulnerability, CVE-2025-1293, was fixed in Hermes 0.5.0...

8.2CVSS8.3AI score0.00321EPSS
Exploits0References1
Rows per page
Query Builder