Количество 2
Количество 2
CVE-2025-43866
vantage6 is an open-source infrastructure for privacy preserving analysis. The JWT secret key in the vantage6 server is auto-generated unless defined by the user. The auto-generated key is a UUID1, which is not cryptographically secure as it is predictable to some extent. This vulnerability is fixed in 4.11.0.
GHSA-m3mq-f375-5vgh
Vantage6 Server JWT secret not cryptographically secure
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-43866 vantage6 is an open-source infrastructure for privacy preserving analysis. The JWT secret key in the vantage6 server is auto-generated unless defined by the user. The auto-generated key is a UUID1, which is not cryptographically secure as it is predictable to some extent. This vulnerability is fixed in 4.11.0. | CVSS3: 7.5 | 0% Низкий | 8 месяцев назад |
| GHSA-m3mq-f375-5vgh Vantage6 Server JWT secret not cryptographically secure | 0% Низкий | 8 месяцев назад |
Уязвимостей на страницу