VYPR
High severityNVD Advisory· Published Nov 2, 2023· Updated Sep 17, 2024

CVE-2023-31579

CVE-2023-31579

Description

Dromara Lamp-Cloud before v3.8.1 was discovered to use a hardcoded cryptographic key when creating and verifying a Json Web Token. This vulnerability allows attackers to authenticate to the application via a crafted JWT token.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
top.tangyh.basic:lamp-coreMaven
< 3.8.13.8.1
top.tangyh.basic:lamp-utilMaven
< 3.8.13.8.1

Affected products

3

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.