CVE-2025-13948 | opsre go-ldap-admin up to 20251011 JWT docker-compose.yaml secret key hard-coded key

Inserito da Angelo Barbosa | Dic 3, 2025 | CVE

A vulnerability labeled as problematic has been found in opsre go-ldap-admin up to 20251011. This issue affects some unknown processing of the file docs/docker-compose/docker-compose.yaml of the component JWT Handler. Executing manipulation of the argument secret key can lead to use of hard-coded cryptographic key
.

This vulnerability is tracked as CVE-2025-13948. The attack can be launched remotely. Moreover, an exploit is present.

CVE-2025-13948 | opsre go-ldap-admin up to 20251011 JWT docker-compose.yaml secret key hard-coded key

Post correlati

CVE-2024-51247 | Draytek Vigor 3900 1.5.1.3 mainfunction.cgi doPPPo command injection

CVE-2025-7965 | CBX Restaurant Booking Plugin up to 1.2.1 on WordPress Setting cross-site request forgery

CVE-2024-36250 | Mattermost up to 9.5.10/9.11.2 MFA incorrect implementation of authentication algorithm

CVE-2025-63214 | Bridgetech VBC Server & Element Manager 6.5.0-9/6.5.0-10 improper authorization