Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2016-1000236

Опубликовано: 19 нояб. 2019
Источник: debian

Описание

Node-cookie-signature before 1.0.6 is affected by a timing attack due to the type of comparison used.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
node-cookie-signaturefixed1.1.0-1package

Примечания

  • https://nodesecurity.io/advisories/134

  • https://github.com/tj/node-cookie-signature/commit/39791081692e9e14aa62855369e1c7f80fbfd50e

  • nodejs not covered by security support

Связанные уязвимости

ubuntu логотип

CVE-2016-1000236

CVSS3: 4.4
ubuntu
около 6 лет назад

Node-cookie-signature before 1.0.6 is affected by a timing attack due to the type of comparison used.

redhat логотип

CVE-2016-1000236

CVSS3: 5.4
redhat
больше 11 лет назад

Node-cookie-signature before 1.0.6 is affected by a timing attack due to the type of comparison used.

nvd логотип

CVE-2016-1000236

CVSS3: 4.4
nvd
около 6 лет назад

Node-cookie-signature before 1.0.6 is affected by a timing attack due to the type of comparison used.

github логотип

GHSA-92vm-wfm5-mxvv

CVSS3: 4.4
github
около 6 лет назад

cookie-signature Timing Attack