JSON Web Token - CVE CyberSecurity Database News (Page 2)

Jan 31, 2025 Exploit JSON Web Token Java

CVE-2024-57432 - Exploiting Insecure Permissions in macrozheng mall-tiny 1..1 with Hardcoded JWT Secrets (Exclusive Guide)

The macrozheng mall-tiny project (version 1..1) is a lightweight e-commerce platform widely used for learning and small business solutions. However, a severe vulnerability—CVE-2024-57432—

Jan 31, 2025 CSRF Exploit JSON Web Token OAuth Google

CVE-2024-1211 - GitLab JWT OmniAuth CSRF Vulnerability Explored

If your organization uses GitLab for source control and has enabled JWT as an OmniAuth provider, you may be at risk of a newly disclosed

Jan 29, 2025 Microsoft API Exploit JSON Web Token

CVE-2025-21415 - Authentication Bypass by Spoofing in Azure AI Face Service – How Attackers Can Elevate Privileges Over Network

A newly disclosed vulnerability, CVE-2025-21415, has shaken up cloud security conversations. This flaw impacts Azure AI Face Service – a critical component for many organizations using

Oct 16, 2024 RCE API Exploit JSON Web Token

CVE-2023-32188 - How NeuVector’s JWT Vulnerability Can Lead to RCE—A Deep Dive

CVE-2023-32188 is a critical vulnerability that surfaced in NeuVector, a popular container security platform. This bug revolves around how NeuVector handled JWT (JSON Web Token)

Jun 12, 2024 JSON Web Token HashiCorp Vault Enterprise

CVE-2024-5798 - How a JWT Audience Validation Bug in HashiCorp Vault Could Let Attackers In

Vault and Vault Enterprise are powerful tools for managing secrets and protecting sensitive data. Many organizations trust them for critical workloads. But in June 2024,