Is Dollar Universe affected by the pac4j-jwt CVE-2026-29000
Article ID: 432726
Updated On:
Products
CA Automic Dollar Universe
Issue/Introduction
A critical vulnerability has been identified in the Java authentication library pac4j-jwt module (JwtAuthenticator).
Tracked as CVE-2026-29000, this vulnerability has a CVSSv3.1 score of 10.0.
The vulnerability affects pac4j-jwt 4.x before 4.5.9, 5.x before 5.7.9, and 6.x before 6.3.3.
Environment
DU 7.00.XX, 7.01.XX
Resolution
Engineering confirmed that none of the DU components uses pac4j-jwt, so DU is not impacted with this vulnerability.
Feedback
Yes
No
Powered by
