Most recent sightings.

Most recent sightings. https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Fri, 08 May 2026 02:10:13 +0000 5071b8d4-1e7f-48ee-ad81-2688d5d67c2f https://vulnerability.circl.lu/sighting/5071b8d4-1e7f-48ee-ad81-2688d5d67c2f/export {"uuid": "5071b8d4-1e7f-48ee-ad81-2688d5d67c2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48396", "type": "seen", "source": "https://t.me/cvedetector/2030", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2023-48396 - Apache SeaTunnel Hardcoded JWT Key SSRF\", \n \"Content\": \"CVE ID : CVE-2023-48396 \nPublished : July 30, 2024, 9:15 a.m. | 43\u00a0minutes ago \nDescription : Web Authentication vulnerability in Apache SeaTunnel.\u00a0Since the jwt key is hardcoded in the application, an attacker can forge \nany token to log in any user. \n \nAttacker can get\u00a0secret key in\u00a0/seatunnel-server/seatunnel-app/src/main/resources/application.yml and then create a token. \nThis issue affects Apache SeaTunnel: 1.0.0. \n \nUsers are recommended to upgrade to version 1.0.1, which fixes the issue. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"30 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-30T14:14:44.000000Z"} {"uuid": "5071b8d4-1e7f-48ee-ad81-2688d5d67c2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48396", "type": "seen", "source": "https://t.me/cvedetector/2030", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2023-48396 - Apache SeaTunnel Hardcoded JWT Key SSRF\", \n \"Content\": \"CVE ID : CVE-2023-48396 \nPublished : July 30, 2024, 9:15 a.m. | 43\u00a0minutes ago \nDescription : Web Authentication vulnerability in Apache SeaTunnel.\u00a0Since the jwt key is hardcoded in the application, an attacker can forge \nany token to log in any user. \n \nAttacker can get\u00a0secret key in\u00a0/seatunnel-server/seatunnel-app/src/main/resources/application.yml and then create a token. \nThis issue affects Apache SeaTunnel: 1.0.0. \n \nUsers are recommended to upgrade to version 1.0.1, which fixes the issue. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"30 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-30T14:14:44.000000Z"} https://vulnerability.circl.lu/sighting/5071b8d4-1e7f-48ee-ad81-2688d5d67c2f/export Tue, 30 Jul 2024 14:14:44 +0000