Critical severityNVD Advisory· Published Dec 24, 2024· Updated Dec 31, 2024
Apache HugeGraph-Server: Fixed JWT Token(Secret)
CVE-2024-43441
Description
Authentication Bypass by Assumed-Immutable Data vulnerability in Apache HugeGraph-Server.
This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.5.0.
Users are recommended to upgrade to version 1.5.0, which fixes the issue.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.apache.hugegraph:hugegraph-serverMaven | >= 1.0.0, < 1.5.0 | 1.5.0 |
Affected products
2- Range: 1.0.0
Patches
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
5- github.com/advisories/GHSA-f697-gm3h-xrf9ghsaADVISORY
- lists.apache.org/thread/h2607yv32wgcrywov960jpxhvsmmlf12ghsavendor-advisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2024-43441ghsaADVISORY
- www.openwall.com/lists/oss-security/2024/12/24/2ghsaWEB
- github.com/apache/incubator-hugegraph/commit/03b40a52446218c83e98cb43020e0593a744a246ghsaWEB
News mentions
0No linked articles in our index yet.