openshift/osin

Releases2

Frequency6 months 3 weeks

Last Release almost 8 years ago

Stars1.93K

Golang OAuth2 server library

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2021-4294 ↗	Dec 28, 2022Wednesday, 28 December 2022, 17:15	2.6 LOW	—
A vulnerability was found in OpenShift OSIN. It has been classified as problematic. This affects the function ClientSecretMatches/CheckClientSecret. The manipulation of the argument secret leads to observable timing discrepancy. The name of the patch is 8612686d6dda34ae9ef6b5a974e4b7accb4fea29. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-216987.