Security Advisory

CVE-2024-47178

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-09-30 15:09:59

Last updated 2024-09-30 16:01:32

Assigner GitHub_M

State PUBLISHED

Description

basic-auth-connect is Connects Basic Auth middleware in its own module. basic-auth-connect < 1.1.0 uses a timing-unsafe equality comparison that can leak timing information. This issue has been fixed in basic-auth-connect 1.1.0.

← Browse all CVEs View on cve.org ↗