CVE-2016-1000236
Node-cookie-signature before 1.0.6 is affected by a timing attack due to the type of comparison used.
4.4CVSS
4.6AI Score
0.002EPSS