Vulnerability Report: GO-2022-1201
- CVE-2021-4294, GHSA-m7qp-cj9p-gj85
- Affects: github.com/openshift/osin
- Published: Jan 03, 2023
- Modified: May 20, 2024
Client secret checks are vulnerable to timing attacks, which could permit an attacker to determine client secrets.
Affected Packages
-
PathGo VersionsSymbols
-
before v1.0.2-0.20210113124101-8612686d6dda
Aliases
References
- https://github.com/openshift/osin/pull/200
- https://github.com/openshift/osin/commit/8612686d6dda34ae9ef6b5a974e4b7accb4fea29
- https://vuln.go.dev/ID/GO-2022-1201.json
Feedback
See anything missing or incorrect?
Suggest an edit to this report.