Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

12 advisories

Loading
Timing Attack in csrf-lite High
CVE-2016-10535 was published for csrf-lite (npm) Feb 18, 2019
Wildfly-elytron possibly vulnerable to timing attacks via use of unsafe comparator High
CVE-2022-3143 was published for org.wildfly.security:wildfly-elytron (Maven) Jan 13, 2023
fastify-bearer-auth vulnerable to Timing Attack Vector High
CVE-2022-31142 was published for @fastify/bearer-auth (npm) Jul 15, 2022
Uzlopak
libsecp256k1 contains side-channel timing attack High
CVE-2019-25003 was published for libsecp256k1 (Rust) Aug 25, 2021
Atlantis Events vulnerable to Timing Attack High
CVE-2022-24912 was published for github.com/runatlantis/atlantis (Go) Jul 30, 2022
Observable timing discrepancy in JOpenId High
CVE-2010-10006 was published for org.expressme:JOpenId (Maven) Jan 18, 2023
Minerva timing attack on P-256 in python-ecdsa High
CVE-2024-23342 was published for ecdsa (pip) Jan 22, 2024
tomato42
Symfony Vulnerable to Timing Attack High
CVE-2015-8125 was published for symfony/form (Composer) May 17, 2022
Python Cryptography package vulnerable to Bleichenbacher timing oracle attack High
CVE-2023-50782 was published for cryptography (pip) Feb 5, 2024
Mailman Core vulnerable to timing attacks High
CVE-2021-34337 was published for mailman (pip) Apr 15, 2023
basic-auth-connect's callback uses time unsafe string comparison High
CVE-2024-47178 was published for basic-auth-connect (npm) Sep 30, 2024
UlisesGascon ctcpip
AdamKorcz blakeembrey
ProTip! Advisories are also available from the GraphQL API