In Shrine before version 3.3.0, when using the `derivation_endpoint` plugin, it's possible for the attacker to use a timing attack to guess the signature of the derivation URL. The problem has been fixed by comparing sent and calculated signature in constant time, using `Rack::Utils.secure_compare`. Users using the `derivation_endpoint` plugin are urged to upgrade to Shrine 3.3.0 or greater. A possible workaround is provided in the linked advisory.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2020-10-05T18:30:14
Updated: 2024-08-04T13:08:22.833Z
Reserved: 2020-06-25T00:00:00
Link: CVE-2020-15237
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-10-05T19:15:15.103
Modified: 2024-11-21T05:05:09.600
Link: CVE-2020-15237
Redhat
No data.