216.73.216.170

CVE-2024-47178

· Published 30/09/2024 16:15 · Modified 04/10/2024 13:51

Labels: CVE-2024-47178 2024-09-30CVE-2024-47178CWE-208[email protected]

Essential information

Published
30/09/2024 16:15
Modified
04/10/2024 13:51
Author
Creator
CISA KEV
No
CWE

Description

basic-auth-connect is Connect's Basic Auth middleware in its own module. basic-auth-connect < 1.1.0 uses a timing-unsafe equality comparison that can leak timing information. This issue has been fixed in basic-auth-connect 1.1.0.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

References