Количество 3
Количество 3
CVE-2024-56362
Navidrome is an open source web-based music collection server and streamer. Navidrome stores the JWT secret in plaintext in the navidrome.db database file under the property table. This practice introduces a security risk because anyone with access to the database file can retrieve the secret. This vulnerability is fixed in 0.54.1.
GHSA-xwx7-p63r-2rj8
Navidrome Stores JWT Secret in Plaintext in navidrome.db
SUSE-SU-2025:0060-1
Security update for govulncheck-vulndb
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-56362 Navidrome is an open source web-based music collection server and streamer. Navidrome stores the JWT secret in plaintext in the navidrome.db database file under the property table. This practice introduces a security risk because anyone with access to the database file can retrieve the secret. This vulnerability is fixed in 0.54.1. | CVSS3: 7.1 | 0% Низкий | 8 месяцев назад |
| GHSA-xwx7-p63r-2rj8 Navidrome Stores JWT Secret in Plaintext in navidrome.db | CVSS3: 7.1 | 0% Низкий | 8 месяцев назад |
 | SUSE-SU-2025:0060-1 Security update for govulncheck-vulndb | 7 месяцев назад |
Уязвимостей на страницу