7 matches found
CVE-2024-47178
A flaw was found in the basic-auth-connect package. Affected versions use a timing-unsafe equality comparison that can potentially leak timing information. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security...
basic-auth-connect's callback uses time unsafe string comparison
Impact basic-auth-connect 1.1.0 uses a timing-unsafe equality comparison that can leak timing information Patches this issue has been fixed in basic-auth-connect 1.1.0 References...
GHSA-7P89-P6HX-Q4FW basic-auth-connect's callback uses time unsafe string comparison
Impact basic-auth-connect 1.1.0 uses a timing-unsafe equality comparison that can leak timing information Patches this issue has been fixed in basic-auth-connect 1.1.0 References...
CVE-2024-47178 basic-auth-connect's callback uses time unsafe string comparison
basic-auth-connect is Connect's Basic Auth middleware in its own module. basic-auth-connect 1.1.0 uses a timing-unsafe equality comparison that can leak timing information. This issue has been fixed in basic-auth-connect 1.1.0...
CVE-2024-47178 basic-auth-connect's callback uses time unsafe string comparison
basic-auth-connect is Connect's Basic Auth middleware in its own module. basic-auth-connect 1.1.0 uses a timing-unsafe equality comparison that can leak timing information. This issue has been fixed in basic-auth-connect 1.1.0...
CVE-2024-47178
The CVE-2024-47178 issue affects basic-auth-connect (
CVE-2024-47178 basic-auth-connect's callback uses time unsafe string comparison
basic-auth-connect is Connect's Basic Auth middleware in its own module. basic-auth-connect 1.1.0 uses a timing-unsafe equality comparison that can leak timing information. This issue has been fixed in basic-auth-connect 1.1.0...