Lucene search
K

8 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-4584

Malicious code in bioql PyPI...

8.2CVSS6.3AI score0.00321EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/02/22 1:23 a.m.11 views

CVE-2025-1293

Hermes versions up to 0.4.0 improperly validated the JWT provided when using the AWS ALB authentication mode, potentially allowing for authentication bypass. This vulnerability, CVE-2025-1293, was fixed in Hermes 0.5.0...

8.2CVSS7AI score0.00321EPSS
Exploits0References1
OSV
OSV
added 2025/02/20 3:32 a.m.33 views

GHSA-VXM9-8MFW-VC6G Hermes improperly validates a JWT

Hermes versions up to 0.4.0 improperly validated the JWT provided when using the AWS ALB authentication mode, potentially allowing for authentication bypass. This vulnerability, CVE-2025-1293, was fixed in Hermes 0.5.0...

8.2CVSS7AI score0.00321EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2025/02/20 3:32 a.m.36 views

Hermes improperly validates a JWT

Hermes versions up to 0.4.0 improperly validated the JWT provided when using the AWS ALB authentication mode, potentially allowing for authentication bypass. This vulnerability, CVE-2025-1293, was fixed in Hermes 0.5.0...

8.2CVSS8.3AI score0.00321EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2025/02/20 1:15 a.m.19 views

CVE-2025-1293

Hermes versions up to 0.4.0 improperly validated the JWT provided when using the AWS ALB authentication mode, potentially allowing for authentication bypass. This vulnerability, CVE-2025-1293, was fixed in Hermes 0.5.0...

8.2CVSS0.00321EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/02/20 12:28 a.m.9 views

CVE-2025-1293 HashiCorp Hermes Improperly Validates AWS ALB JWTs, which May Lead to Authentication Bypass

Hermes versions up to 0.4.0 improperly validated the JWT provided when using the AWS ALB authentication mode, potentially allowing for authentication bypass. This vulnerability, CVE-2025-1293, was fixed in Hermes 0.5.0...

8.2CVSS8.3AI score0.00321EPSS
Exploits0References1
CVE
CVE
added 2025/02/20 12:28 a.m.102 views

CVE-2025-1293

Hermes versions up to 0.4.0 improperly validated JWTs when using AWS ALB authentication, potentially allowing authentication bypass. Root cause: JWT validation flaw in the AWS ALB auth flow. Impact per CVE: authentication bypass with high severity (CVSSv3.1 base score 8.2). Affected versions: up ...

8.2CVSS8.3AI score0.00321EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/02/20 12:28 a.m.32 views

CVE-2025-1293 HashiCorp Hermes Improperly Validates AWS ALB JWTs, which May Lead to Authentication Bypass

Hermes versions up to 0.4.0 improperly validated the JWT provided when using the AWS ALB authentication mode, potentially allowing for authentication bypass. This vulnerability, CVE-2025-1293, was fixed in Hermes 0.5.0...

8.2CVSS0.00321EPSS
Exploits0References1
Rows per page
Query Builder