cve
base
Search
Products
Trending
About
Docs
Pricing
Home
/
Products
/
hashicorp
/
Hashicorp Hermes
Hashicorp Hermes vulnerabilities
1 known vulnerability affecting
hashicorp/hermes
.
Version
All versions
Total CVEs
1
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH
1
Vulnerabilities
Page 1 of 1
CVE-2025-1293
HIGH
CVSS 8.2
fixed in 0.5.0
2025-02-20
CVE-2025-1293 [HIGH] CWE-1390 CVE-2025-1293: Hermes versions up to 0.4.0 improperly validated the JWT provided when using the AWS ALB authenticat Hermes versions up to 0.4.0 improperly validated the JWT provided when using the AWS ALB authentication mode, potentially allowing for authentication bypass. This vulnerability, CVE-2025-1293, was fixed in Hermes 0.5.0.
nvd