@fastify/bearer-auth is vulnerable to timing attacks. The vulnerability exists because the timingSafeEqual functionality in the compare function of plugin.js does not perform a constant-time comparison with respect to the length of the bearer token, allowing an attacker to guess the length of the legitimate bearer token.
| CPE | Name | Operator | Version |
|---|---|---|---|
| | @fastify/bearer-auth | eq | 8.0.0 |
| | @fastify/bearer-auth | le | 7.0.1 |
github.com/fastify/fastify-bearer-auth/commit/0c468a616d7e56126dc468150f6a5a92e530b8e4
github.com/fastify/fastify-bearer-auth/commit/39353b15409ee99474545f615ffb16180cf3b716
github.com/fastify/fastify-bearer-auth/commit/f921a0582dc83112039004a9b5041141b50c5b3f
github.com/fastify/fastify-bearer-auth/security/advisories/GHSA-376v-xgjx-7mfr
hackerone.com/reports/1633287