{"id":"CVE-2022-22845","details":"QXIP SIPCAPTURE homer-app before 1.4.28 for HOMER 7.x has the same 167f0db2-f83e-4baa-9736-d56064a5b415 JWT secret key across different customers' installations.","modified":"2026-04-10T04:46:56.149319Z","published":"2022-01-10T14:12:58.567Z","references":[{"type":"ADVISORY","url":"http://sipcapture.org"},{"type":"ADVISORY","url":"https://github.com/sipcapture/homer"},{"type":"FIX","url":"https://github.com/sipcapture/homer-app/commit/7f92f3afc8b0380c14af3d0fc1c365318a2d1591"},{"type":"FIX","url":"https://github.com/sipcapture/homer-app/compare/1.4.27...1.4.28"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/sipcapture/homer-app","events":[{"introduced":"0"},{"fixed":"d4f20880d224b6cd5f857048d5899eb89aac4718"},{"fixed":"7f92f3afc8b0380c14af3d0fc1c365318a2d1591"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"1.4.28"}]}}],"versions":["0.1.0","1.0.1","1.0.3","1.1.12","1.1.15","1.1.16","1.1.17","1.1.20","1.1.21","1.1.23","1.1.26","1.1.27","1.1.29","1.1.35","1.1.37","1.1.40","1.1.6","1.1.8","1.2.0","1.2.1","1.3.14","1.3.15","1.3.17","1.3.18","1.3.19","1.3.20","1.3.21","1.3.22","1.3.24","1.3.25","1.3.26","1.3.27","1.3.28","1.4.0","1.4.1","1.4.13","1.4.14","1.4.15","1.4.16","1.4.17","1.4.18","1.4.2","1.4.20","1.4.21","1.4.22","1.4.23","1.4.24","1.4.25"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-22845.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}