CNNVD-202508-424 Information

CNNVD ID

CNNVD-202508-424

Related CVE

CVE-2025-54876

• CNNVD Published: 2025-08-06

Description (Chinese)

Janssen是Janssen Project开源的一个开源的用户认证组件。 Janssen 1.9.0及之前版本存在安全漏洞，该漏洞源于密码以明文形式存储在日志文件中。

Description (English)

Janssen is an open-source user authentication component of the Janssen Project open source. Janssen 1.9.0 and previous versions have a security loophole, which stems from the fact that the password is stored in a log file in explicit form.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Janssen Project

Published

2025-08-06

Last Modified

2026-02-24

References

https://github.com/JanssenProject/jans/security/advisories/GHSA-2f4x-m695-jvp3 https://github.com/JanssenProject/jans/discussions/11886 https://github.com/JanssenProject/jans/pull/11903/commits/5260520e8d7ce1d1b8387c71b3571f20e643f110 https://access.redhat.com/security/cve/cve-2025-54876

Patch

https://github.com/JanssenProject/jans/releases