Vulnerabilities > Runatlantis

DATE CVE VULNERABILITY TITLE RISK
2022-07-29 CVE-2022-24912 Information Exposure Through Discrepancy vulnerability in Runatlantis Atlantis
The package github.com/runatlantis/atlantis/server/controllers/events before 0.19.7 are vulnerable to Timing Attack in the webhook event validator code, which does not use a constant-time comparison function to validate the webhook secret.
network
low complexity
runatlantis CWE-203
7.5
7.5