Lucene search
PRIOn knowledge basePRION:CVE-2021-4294HistoryDec 28, 2022 - 5:15 p.m.
Design/Logic Flaw
2022-12-2817:15:00
PRIOn knowledge base
www.prio-n.com
2
openshift osin
clientsecretmatches
checkclientsecret
manipulation
timing discrepancy
patch 8612686d6dda34ae9ef6b5a974e4b7accb4fea29
vulnerability identifier vdb-216987
nvd
A vulnerability was found in OpenShift OSIN. It has been classified as problematic. This affects the function ClientSecretMatches/CheckClientSecret. The manipulation of the argument secret leads to observable timing discrepancy. The name of the patch is 8612686d6dda34ae9ef6b5a974e4b7accb4fea29. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-216987.
| CPE | Name | Operator | Version |
|---|---|---|---|
| openshift_container_platform | eq | 4.0 | |
| openshift_osin | eq | 1.0.1 | |
| openshift_osin | eq | 1.0.0 |
Related
cvelist
cvelist
CVE-2021-4294 OpenShift OSIN CheckClientSecret timing discrepancy
2022-12-28 16:51:34
osv
osv
Timing attack in github.com/openshift/osin
2023-01-03 22:25:20
OpenShift OSIN vulnerable to Observable Timing Discrepancy
2022-12-28 18:30:20
CVE-2021-4294
2022-12-28 17:15:09
cve
cve
CVE-2021-4294
2022-12-28 17:15:09
nvd
nvd
CVE-2021-4294
2022-12-28 17:15:09
github
github
OpenShift OSIN vulnerable to Observable Timing Discrepancy
2022-12-28 18:30:20
veracode
veracode
Timing Attacks
2023-01-10 04:17:27
redhatcve
redhatcve
CVE-2021-4294
2022-12-29 04:35:00
redhat
redhat