libjwt 1.15.3 uses strcmp (which is... CVE-2024-25189
-
AV
AC
AU
C
I
A
发布:
2024-02-08
修订:
2024-08-26
libjwt 1.15.3 uses strcmp (which is not constant time) to verify authentication, which makes it easier to bypass authentication via a timing side channel.
漏洞利用/PoC
暂无可用Exp或PoC
受影响的平台与产品
当前有1条受影响产品信息
