Filtered by vendor Libjwt Subscriptions
Filtered by product Libjwt Subscriptions

Search

Switch to Advanced Search (Beta)
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-25189 2 Debian, Libjwt 2 Debian Linux, Libjwt 2025-11-18 9.8 Critical
libjwt 1.15.3 uses strcmp (which is not constant time) to verify authentication, which makes it easier to bypass authentication via a timing side channel.