A vulnerability was found in OpenShift OSIN. It has been classified as problematic. This affects the function ClientSecretMatches/CheckClientSecret. The manipulation of the argument secret leads to observable timing discrepancy. The name of the patch is 8612686d6dda34ae9ef6b5a974e4b7accb4fea29. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-216987.
                
            References
                    | Link | Resource | 
|---|---|
| https://github.com/openshift/osin/commit/8612686d6dda34ae9ef6b5a974e4b7accb4fea29 | Patch | 
| https://github.com/openshift/osin/pull/200 | Issue Tracking | 
| https://vuldb.com/?ctiid.216987 | Permissions Required | 
| https://vuldb.com/?id.216987 | Permissions Required | 
| https://github.com/openshift/osin/commit/8612686d6dda34ae9ef6b5a974e4b7accb4fea29 | Patch | 
| https://github.com/openshift/osin/pull/200 | Issue Tracking | 
| https://vuldb.com/?ctiid.216987 | Permissions Required | 
| https://vuldb.com/?id.216987 | Permissions Required | 
Configurations
                    Configuration 1 (hide)
| 
 | 
History
                    No history.
Information
                Published : 2022-12-28 17:15
Updated : 2024-11-21 06:37
NVD link : CVE-2021-4294
Mitre link : CVE-2021-4294
CVE.ORG link : CVE-2021-4294
JSON object : View
Products Affected
                redhat
- openshift_osin
- openshift_container_platform
