JSON Web Token - CVE CyberSecurity Database News (Page 2)

Jan 31, 2025 Exploit JSON Web Token Java

CVE-2024-57432 - Exploiting Insecure Permissions in macrozheng mall-tiny 1..1 with Hardcoded JWT Secrets (Exclusive Guide)

The macrozheng mall-tiny project (version 1..1) is a lightweight e-commerce platform widely used for learning and small business solutions. However, a severe vulnerability—CVE-2024-57432—

Jan 31, 2025 CSRF Exploit JSON Web Token OAuth Google

CVE-2024-1211 - GitLab JWT OmniAuth CSRF Vulnerability Explored

If your organization uses GitLab for source control and has enabled JWT as an OmniAuth provider, you may be at risk of a newly disclosed

Jan 29, 2025 Microsoft API Exploit JSON Web Token

CVE-2025-21415 - Authentication Bypass by Spoofing in Azure AI Face Service – How Attackers Can Elevate Privileges Over Network

A newly disclosed vulnerability, CVE-2025-21415, has shaken up cloud security conversations. This flaw impacts Azure AI Face Service – a critical component for many organizations using

Oct 22, 2024 JSON Web Token Java

CVE-2024-8901 - Critical Authentication Bypass in AWS ALB Route Directive Adapter for Istio (Kubeflow OIDC Risk)

--- Executive Summary A newly disclosed vulnerability—CVE-2024-8901—impacts the AWS ALB Route Directive Adapter for Istio, an open source component previously integrated with Kubeflow.

Oct 16, 2024 RCE API Exploit JSON Web Token

CVE-2023-32188 - How NeuVector’s JWT Vulnerability Can Lead to RCE—A Deep Dive

CVE-2023-32188 is a critical vulnerability that surfaced in NeuVector, a popular container security platform. This bug revolves around how NeuVector handled JWT (JSON Web Token)