4 matches found
Use of Hard-coded Credentials
Overview Affected versions of this package are vulnerable to Use of Hard-coded Credentials in the authentication process. An attacker can gain unauthorized access to protected API endpoints, including those with administrative privileges, by forging valid JWT tokens using a publicly known secret...
CVE-2026-45039
RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-beta.2, the internode RPC layer authenticates every request with an HMAC-SHA256 signature using a shared secret. The function that produces this secret, getsharedsecret in crates/ecstore/src/rpc/httpauth.rs, falls back to...
EUVD-2019-13414
Malware in sbrugna...
CVE-2019-3783: Stratos Deploys With Public Default Session Store Secret | Cloud Foundry
Severity High Vendor Cloud Foundry Foundation Affected Cloud Foundry Products and Versions Stratos All versions prior to 2.3.0 Description Cloud Foundry Stratos, versions prior to 2.3.0, deploys with a public default session store secret. A malicious user with default session store secret can bru...