Download
| Alert*
CVE-2017-12872 -- simplesamlphp
The Htpasswd authentication source in the authcrypt module and SimpleSAML_Session class in SimpleSAMLphp 1.14.11 and earlier allow remote attackers to conduct timing side-channel attacks by leveraging use of the standard comparison operator to compare secret material against user input.
|