1 results (0.004 seconds)
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-18239
https://notcve.org/view.php?id=CVE-2017-18239
18 Mar 2018 — A time-sensitive equality check on the JWT signature in the JsonWebToken.validate method in main/scala/authentikat/jwt/JsonWebToken.scala in authentikat-jwt (aka com.jason-goodwin/authentikat-jwt) version 0.4.5 and earlier allows the supplier of a JWT token to guess bit after bit of the signature by repeating validation requests. Una comprobación de igualdad sensible al tiempo en la firma JWT en el método JsonWebToken.validate en main/scala/authentikat/jwt/JsonWebToken.scala en authentikat-jwt (también cono... • https://github.com/jasongoodwin/authentikat-jwt/commit/2d2fa0d40ac8f2f7aa7e9b070fa1a25eee082cb0 •