Vulnerabilities > Shrinerb
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-10-05 | CVE-2020-15237 | Information Exposure Through Timing Discrepancy vulnerability in Shrinerb Shrine In Shrine before version 3.3.0, when using the `derivation_endpoint` plugin, it's possible for the attacker to use a timing attack to guess the signature of the derivation URL. | 4.3 |