← Back to CVE List
CVE-2024-25191
Published:
2024-02-08T17:15Z
Last Modified:
2024-11-21T09:00Z
Source:
MITRE CVE List
License:
MITRE-CVE-TOS
php-jwt 1.0.0 uses strcmp (which is not constant time) to verify authentication, which makes it easier to bypass authentication via a timing side channel. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt