Filtered by vendor Zihanggao
Subscribe
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-25191 | 1 Zihanggao | 1 Php-jwt | 2024-11-21 | N/A | 9.8 CRITICAL |
| php-jwt 1.0.0 uses strcmp (which is not constant time) to verify authentication, which makes it easier to bypass authentication via a timing side channel. | |||||