CVE-2021-32921

Posted on by admin

CVE-2021-32921

An issue was discovered in Prosody before 0.11.9. It does not use a constant-time algorithm for comparing certain secret strings when running under Lua 5.2 or later. This can potentially be used in a timing attack to reveal the contents of secret strings to an attacker.

Source: CVE-2021-32921

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다