CVE-2013-10031

Summary

Plack-Middleware-Session versions before 0.17 may be vulnerable to HMAC comparison timing attacks

Affected Software

VendorProductVersion RangeStatus
MIYAGAWAPlack::Middleware::Session0.01 < 0.17affected

Weaknesses

  • CWE-1254: CWE-1254 Incorrect Comparison Logic Granularity

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References