Lucene search
Wildfly-elytron Security Vulnerabilities
cve
wildfly-elytron: possible timing attacks via use of unsafe comparator. A flaw was found in Wildfly-elytron. Wildfly-elytron uses java.util.Arrays.equals in several places, which is unsafe and vulnerable to timing attacks. To compare values securely, use java.security.MessageDigest.isEqual instead.....
7.4CVSS
7.1AI Score
0.001EPSS
2023-01-13 06:15 AM
51