HugeGraph-Server Security Update Advisory

Overview

We have released a security update to address a vulnerability in HugeGraph-Server. Users of affected products are advised to update to the latest version.

Affected Products

CVE-2024-43441

HugeGraph-Server Version: versions before 1.5.0 (1.5.0 itself excluded)

Resolved Vulnerabilities

Authentication Bypass Vulnerability via Assumed-Immutable Data (CVE-2024-43441)

Vulnerability Patches

A patch for this vulnerability is available in the latest update. Follow the instructions on the sites listed under References to update to the patched version.

CVE-2024-43441

HugeGraph-Server Version: 1.5.0

References

[1] CVE-2024-43441: Apache HugeGraph-Server: Fixed JWT Token(Secret)
https://lists.apache.org/thread/h2607yv32wgcrywov960jpxhvsmmlf12