2 matches found
BIT-APISIX-2026-39999 Apache APISIX: JWT Algorithm Confusion allows authentication bypass
Authentication Bypass by Spoofing vulnerability in Apache APISIX. The attacker can completely bypass authentication capitalising on certain configurations of jwt-auth plugin. This issue affects Apache APISIX: from v2.2 through v3.16.0. Users are recommended to upgrade to version v3.17.0, which...
seerr 安全漏洞
Seerr Team has developed Seerr, a media request and discovery manager. Versions of Seerr from 2.0.0 to 3.1.0 contained security vulnerabilities. These vulnerabilities stemmed from defects in the authentication protection logic, allowing unauthenticated attackers to register new accounts and obtai...