CVE-2024-27349

CVE-2024-27349: Apache HugeGraph-Server: Bypass whitelist in Auth mode

Vendor Apache Software Foundation

Product Apache HugeGraph-Server

Weakness CWE-290

Published April 22, 2024

Last update August 21, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

Description

Authentication Bypass by Spoofing vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0. Users are recommended to upgrade to version 1.3.0, which fixes the issue.

Key dates

Disclosure timeline

April 22, 2024 CVE published

August 21, 2025 Record updated