CVEs (1)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Json Web Token Project 1Json Web Token Apr 11, 2025 Dec 27, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 Token validation methods are susceptible to a timing side-channel during HMAC comparison. With a large enough number of requests over a low latency connection, an attacker may use this to determine the expected HMAC. |