CNNVD-202508-2538 Information

CNNVD ID

CNNVD-202508-2538

Related CVE

CVE-2025-51606

• CNNVD Published: 2025-08-21

Description (Chinese)

hippo4j是opengoofy开源的一个异步线程池框架。 hippo4j 1.0.0至1.5.0版本存在安全漏洞，该漏洞源于JWT创建中使用硬编码密钥，可能导致伪造有效访问令牌。

Description (English)

Hippo4j is an alloscope pool framework for open source open-source open-source open-source open-source. There is a security loophole in versions hippo4j 1.0.0 to 1.5.0, which stems from the use of hard-coded keys in JWT creations and may lead to the falsification of valid access tokens.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

opengoofy

Published

2025-08-21

Last Modified

2026-02-24

References

https://github.com/ShenxiuSec/cve-proofs/blob/main/POC-20250610-01.md https://nvd.nist.gov/vuln/detail/CVE-2025-51606