https://vulnerability.circl.lu/sightings/feedMost recent sightings.2026-05-08T02:10:12.581731+00:00Vulnerability-Lookupinfo@circl.lupython-feedgenContains only the most 10 recent sightings.https://vulnerability.circl.lu/sighting/5071b8d4-1e7f-48ee-ad81-2688d5d67c2f/export5071b8d4-1e7f-48ee-ad81-2688d5d67c2f2026-05-08T02:10:12.991205+00:00Automation userhttp://cve.circl.lu/user/automation{"uuid": "5071b8d4-1e7f-48ee-ad81-2688d5d67c2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48396", "type": "seen", "source": "https://t.me/cvedetector/2030", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2023-48396 - Apache SeaTunnel Hardcoded JWT Key SSRF\", \n \"Content\": \"CVE ID : CVE-2023-48396 \nPublished : July 30, 2024, 9:15 a.m. | 43\u00a0minutes ago \nDescription : Web Authentication vulnerability in Apache SeaTunnel.\u00a0Since the jwt key is hardcoded in the application, an attacker can forge \nany token to log in any user. \n \nAttacker can get\u00a0secret key in\u00a0/seatunnel-server/seatunnel-app/src/main/resources/application.yml and then create a token. \nThis issue affects Apache SeaTunnel: 1.0.0. \n \nUsers are recommended to upgrade to version 1.0.1, which fixes the issue. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"30 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-30T14:14:44.000000Z"}2024-07-30T14:14:44+00:00