• caglararli@hotmail.com
  • 05386281520

CVE-2024-10920 | mariazevedo88 travels-java-api up to 5.0.1 JWT Secret JwtAuthenticationTokenFilter.java doFilterInternal hard-coded key

Çağlar Arlı      -    29 Views

CVE-2024-10920 | mariazevedo88 travels-java-api up to 5.0.1 JWT Secret JwtAuthenticationTokenFilter.java doFilterInternal hard-coded key

A vulnerability was found in mariazevedo88 travels-java-api up to 5.0.1 and classified as problematic. Affected by this issue is the function doFilterInternal of the file travels-java-api-master\src\main\java\io\github\mariazevedo88\travelsjavaapi\filters\JwtAuthenticationTokenFilter.java of the component JWT Secret Handler. The manipulation leads to use of hard-coded cryptographic key . This vulnerability is handled as CVE-2024-10920. The attack may be launched remotely. Furthermore, there is an exploit available.