Vulnerabilities > Shrinerb

DATE CVE VULNERABILITY TITLE RISK
2020-10-05 CVE-2020-15237 Information Exposure Through Timing Discrepancy vulnerability in Shrinerb Shrine
In Shrine before version 3.3.0, when using the `derivation_endpoint` plugin, it's possible for the attacker to use a timing attack to guess the signature of the derivation URL.
network
shrinerb CWE-208
4.3