Timing Attack
Discription

github.com/ginuerzh/gost is vulnerable to Timing Attacks. The vulnerability exists because the `Authenticate` function of `auth.go` does not properly compare sensitive secrets such as passwords, tokens and API keys using constant-time comparison, which allows an attacker to guess a secret by observing a difference in processing time for valid and invalid inputs.Read More

Back to Main

Subscribe for the latest news: