Severity: important Affected versions:
- Apache StreamPark 2.0.0 before 2.1.7 Description: Weak Encryption Algorithm in StreamPark, The use of an AES cipher in ECB mode and a weak random number generator for encrypting sensitive data, including JWT tokens, may have risked exposing sensitive authentication data This issue affects Apache StreamPark: from 2.0.0 before 2.1.7. Users are recommended to upgrade to version 2.1.7, which fixes the issue. Credit: omkar parkhe <[email protected]> (finder) References: https://streampark.apache.org https://www.cve.org/CVERecord?id=CVE-2025-54981
