Security Advisory

CVE-2025-54981

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-12 15:10:35

Last updated 2025-12-12 19:27:16

Assigner apache

State PUBLISHED

Description

Weak Encryption Algorithm in StreamPark, The use of an AES cipher in ECB mode and a weak random number generator for encrypting sensitive data, including JWT tokens, may have risked exposing sensitive authentication data This issue affects Apache StreamPark: from 2.0.0 before 2.1.7. Users are recommended to upgrade to version 2.1.7, which fixes the issue.

← Browse all CVEs View on cve.org ↗